Core Software Security: Security at the Source

Anmol Misra

"... an interesting publication that would empower readers in both huge and small software program improvement and engineering agencies to construct protection into their products. ... Readers are armed with company ideas for the struggle opposed to cyber threats."
―Dr. Dena Haritos Tsamitis, Carnegie Mellon University

"... a must-read for safeguard experts, software program builders and software program engineers. ... might be a part of each safeguard professional’s library."
―Dr. Larry Ponemon, Ponemon Institute

"... the definitive how-to advisor for software program defense execs. Dr. Ransome, Anmol Misra, and Brook Schoenfield deftly define the methods and rules had to combine genuine protection into the software program improvement technique. ... A must-have for a person at the entrance traces of the Cyber War ..."
―Cedric Leighton, Colonel, USAF (Ret.), Cedric Leighton Associates

"Dr. Ransome, Anmol Misra, and Brook Schoenfield offer you a magic formulation in this e-book - the technique and strategy to construct safety into the full software program improvement existence cycle in order that the software program is secured on the resource!"
―Eric S. Yuan, Zoom Video Communications

There is much publicity about network security, but the real cyber Achilles’ heel is insecure software. Thousands of software vulnerabilities create a cyber house of cards in which we conduct our digital lives. In response, security people build ever more elaborate cyber fortresses to protect this vulnerable software. Despite their efforts, cyber fortifications regularly fail to protect our digital treasures. Why? Security has failed to engage fully with the creative, innovative people who write software.

Core Software Security expounds developer-centric software security, a holistic approach that engages creativity for security. As long as software is developed by humans, it requires the human element to fix it. Developer-centric security is not only feasible but also cost-effective and operationally relevant. The approach builds security into software development, which lies at the heart of our cyber infrastructure. Whatever development method is employed, software must be secured at the source.

Book Highlights:

  • Supplies a practitioner's view of the SDL
  • Considers Agile as a security enabler
  • Covers the privacy elements in an SDL
  • Outlines a holistic business-savvy SDL framework that includes people, process, and technology
  • Highlights the key success factors, deliverables, and metrics for each phase of the SDL
  • Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT
  • Includes a chapter by noted security architect Brook Schoenfield, who shares his insights and experiences in applying the book’s SDL framework

View the authors' site at