Amazon cover image
Image from Amazon.com
Image from Google Jackets

Practical Security for Agile and DevOps

By: Publication details: CRC Press 2022 New YorkDescription: 209ppISBN:
  • 9781032967127
Subject(s): Summary: This textbook was written from the perspective of someone who began his software security career in 2005, long before the industry began focusing on it. This is an excellent perspective for students who want to learn about securing application development. After having made all the rookie mistakes, the author realized that software security is a human factors issue rather than a technical or process issue alone. Throwing technology into an environment that expects people to deal with it but failing to prepare them technically and psychologically with the knowledge and skills needed is a certain recipe for bad results. Practical Security for Agile and DevOps is a collection of best practices and effective implementation recommendations that are proven to work. The text leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security that is useful to professionals. It is as much a book for students’ own benefit as it is for the benefit of their academic careers and organizations. Professionals who are skilled in secure and resilient software development and related tasks are in tremendous demand. This demand will increase exponentially for the foreseeable future. As students integrate the text’s best practices into their daily duties, their value increases to their companies, management, community, and industry. The textbook was written for the following readers: Students in higher education programs in business or engineering disciplines AppSec architects and program managers in information security organizations Enterprise architecture teams with a focus on application development Scrum Teams including: Scrum Masters Engineers/developers Analysts Architects Testers DevOps teams Product owners and their management Project managers Application security auditors Agile coaches and trainers Instructors and trainers in academia and private organizations Chapter 1: Today’s Software Development Practices Shatter Old Security Practices Chapter 2: Deconstructing Agile and Scrum Chapter 3: Learning Is FUNdamental! Chapter 4: Product Backlog Development—Building Security In Chapter 5: Secure Design Considerations Chapter 6: Security in the Design Sprint Chapter 7: Defensive Programming Chapter 8: Testing Part 1: Static Code Analysis Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP Chapter 10: Securing DevOps Chapter 11: Metrics and Models for AppSec Maturity Chapter 12: Frontiers for AppSec Chapter 13: AppSec Is a Marathon—Not a Sprint! Appendix A: Security Acceptance Criteria Appendix B: Resources for AppSec Appendix C: Answers to Chapter Quick Check Questions
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Collection Status Notes Barcode
Books MKSSS s K.B. Joshi Institute of Information Technology Library MCA Available (not for issue) 2819 KBJP-BK-2819

This textbook was written from the perspective of someone who began his software security career in 2005, long before the industry began focusing on it. This is an excellent perspective for students who want to learn about securing application development. After having made all the rookie mistakes, the author realized that software security is a human factors issue rather than a technical or process issue alone. Throwing technology into an environment that expects people to deal with it but failing to prepare them technically and psychologically with the knowledge and skills needed is a certain recipe for bad results.

Practical Security for Agile and DevOps is a collection of best practices and effective implementation recommendations that are proven to work. The text leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security that is useful to professionals. It is as much a book for students’ own benefit as it is for the benefit of their academic careers and organizations. Professionals who are skilled in secure and resilient software development and related tasks are in tremendous demand. This demand will increase exponentially for the foreseeable future. As students integrate the text’s best practices into their daily duties, their value increases to their companies, management, community, and industry.

The textbook was written for the following readers:

Students in higher education programs in business or engineering disciplines
AppSec architects and program managers in information security organizations
Enterprise architecture teams with a focus on application development
Scrum Teams including:
Scrum Masters
Engineers/developers
Analysts
Architects
Testers
DevOps teams
Product owners and their management
Project managers
Application security auditors
Agile coaches and trainers
Instructors and trainers in academia and private organizations
Chapter 1: Today’s Software Development Practices Shatter Old Security Practices
Chapter 2: Deconstructing Agile and Scrum
Chapter 3: Learning Is FUNdamental!
Chapter 4: Product Backlog Development—Building Security In
Chapter 5: Secure Design Considerations
Chapter 6: Security in the Design Sprint
Chapter 7: Defensive Programming
Chapter 8: Testing Part 1: Static Code Analysis
Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP
Chapter 10: Securing DevOps
Chapter 11: Metrics and Models for AppSec Maturity
Chapter 12: Frontiers for AppSec
Chapter 13: AppSec Is a Marathon—Not a Sprint!
Appendix A: Security Acceptance Criteria
Appendix B: Resources for AppSec
Appendix C: Answers to Chapter Quick Check Questions

There are no comments on this title.

to post a comment.