Alice and Bob Learn Application Security

John Wiley & Sons, 10 November 2020 - 288 pages

Learn application security from the very start, with this comprehensive and approachable guide!

Alice and Bob Learn Application Security is an accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development. This book covers all the basic subjects such as threat modeling and security testing, but also dives deep into more complex and advanced topics for securing modern software systems and architectures. Throughout, the book offers analogies, stories of the characters Alice and Bob, real-life examples, technical explanations and diagrams to ensure maximum clarity of the many abstract and complicated subjects.

Topics include:

  • Secure requirements, design, coding, and deployment
  • Security Testing (all forms)
  • Common Pitfalls
  • Application Security Programs
  • Securing Modern Applications
  • Software Developer Security Hygiene

Alice and Bob Learn Application Security is perfect for aspiring application security engineers and practicing software developers, as well as software project managers, penetration testers, and chief information security officers who seek to build or improve their application security programs.

Alice and Bob Learn Application Security illustrates all the included concepts with easy-to-understand examples and concrete practical applications, furthering the reader's ability to grasp and retain the foundational and advanced topics contained within.

Contents

Security Fundamentals
Security Requirements
Secure Design
Secure Code
Common Pitfalls
What You Should Do to Create Very Good Code
An AppSec Program
IAST Interactive Application Security Testing
DevSecOps
Summary
Helpful Information on How to Continue to Create
Continuous Learning
Closing Thoughts
Appendix A Resources
Appendix B Answer Key
Index
Securing Modern Applications and Systems

About the author (2020)

Tanya Janca, also known as SheHacksPurple, is the founder of We Hack Purple, an online learning academy dedicated to teaching everyone how to create secure software. With over twenty years of IT and coding experience, she has won numerous awards and worked as a developer, pentester, and AppSec Engineer. She was named Hacker of the Year by the Cybersecurity Woman of the Year 2019 Awards and is the Founder of WoSEC International, #CyberMentoringMonday, and OWASP DevSlop.