Software Security
Narrated by: Virtual Voice
By: Ajit Singh
Philosophy: Security as an Engineering Discipline
The foundational philosophy of this book is that software security is not an audit, a checklist, or a final gate; it is a fundamental aspect of quality software engineering. Security is a development discipline, not a separate function, and it is a shared responsibility of every developer, architect, and tester. This book rejects the outdated model of "penetrate and patch" and instead champions a proactive "build security in" approach. I believe that the most effective way to learn is by doing, and therefore, every concept is tied to a tangible action, a piece of code, or a practical development task. I focused on pragmatic, evidence-based practices that can be integrated directly into the daily workflow of a development team, making security a seamless and integral part of the entire Software Development Lifecycle (SDLC).
Key Features
1. Capstone Project-Driven: The book culminates in a full-fledged DIY capstone project where students build a secure web application, integrating lessons from every preceding chapter.
2. OWASP Top 10 Focus: A dedicated chapter provides an in-depth, practical exploration of the OWASP Top 10 vulnerabilities, which serves as a cornerstone of modern application security.
3. DevSecOps Integration: The book addresses contemporary development practices, explaining how security activities are integrated into CI/CD pipelines and agile workflows.
4. Simple and Clear Language: We intentionally avoid dense academic jargon where possible, opting for clear, direct explanations that are easy for students to understand and retain.
5. Beginner to Advanced: While the book starts with the basics, it progressively introduces more advanced topics like secure architecture patterns and automated security testing, making it a valuable resource for both introductory and advanced courses.
Key Takeaways
Upon completing this book, the reader will be able to:
1. Understand the Security Mindset: Think like an attacker to identify potential weaknesses in software.
2. Design Secure Software: Apply principles like Threat Modeling and secure design patterns to architect resilient applications.
3. Write Secure Code: Identify and prevent common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Insecure Deserialization.
4. Test for Vulnerabilities: Utilize both static (SAST) and dynamic (DAST) analysis tools to discover security flaws in code and running applications.
5. Integrate Security into DevOps: Understand how to embed automated security checks and practices into a modern CI/CD pipeline.
6. Build a Complete Secure Application: Apply all learned concepts to successfully complete a capstone project, demonstrating end-to-end software security skills.
Disclaimer: Earnest request from the author.
Kindly go through the table of contents and refer to the Kindle edition for a glance at the related contents.
Thank you for your kind consideration!