The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software

Description:

Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.

Discover how to:

  • Use a streamlined risk-analysis process to find security design issues before code is committed
  • Apply secure-coding best practices and a proven testing process
  • Conduct a final security review before a product ships
  • Arm customers with prescriptive guidance to configure and deploy your product more securely
  • Establish a plan to respond to new security vulnerabilities
  • Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum

Title: The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software
Chinese title: 安全开发生命周期:开发更安全的软件的过程
Language: English
Year: 2006
Pages: 348
Size: 20.52 MB
Tags:
  • Software development

Last updated: 2025-04-12 23:54:36
