The Security Development Lifecycle - Michael Howard , Steven Lipner - Librairie Eyrolles

Déjà client ? Identifiez-vous

Mot de passe oublié ?

Nouveau client ?

CRÉER VOTRE COMPTE
The Security Development Lifecycle
Ajouter à une liste

Librairie Eyrolles - Paris 5e
Indisponible

The Security Development Lifecycle

The Security Development Lifecycle

Michael Howard, Steven Lipner

330 pages, parution le 15/06/2006

Résumé

Your in-depth, expert guide to the proven process that helps reduce security bugs.

Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL-from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.

Discover how to:

  • Use a streamlined risk-analysis process to find security design issues before code is committed
  • Apply secure-coding best practices and a proven testing process
  • Conduct a final security review before a product ships
  • Arm customers with prescriptive guidance to configure and deploy your product more securely
  • Establish a plan to respond to new security vulnerabilities
  • Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum

Includes a CD featuring:

  • A six-part security class video conducted by the authors and other Microsoft security experts
  • Sample SDL documents and fuzz testing tool

PLUS-Get book updates on the Web.

L'auteur - Michael Howard

Michael Howard, currently a program manager on the Windows 2000 security team, has been at Microsoft for 8 years. Prior to working on Windows 2000 he was the security program manager for Internet Information Server 4.0 and 5.0. Michael has spoken about security-related issues at many events such as Microsoft TechEd, Microsoft Professional Developer's Conferences and numerous industry gatherings. He hails from New Zealand, where he worked with banking and government clients helping them design, develop and deploy Windows NT-based security solutions. Currently, Michael lives 10 miles from the Microsoft Redmond campus in sunny Bellevue with his wife, Cheryl and two Yorkshire Terriers; Squirt and Major.

Sommaire

  • The Need for the SDL
    • Enough is enough : the threats have changed
    • Current software development methods fail to produce secure software
    • A short history of the SDL at Microsoft
    • SDL for management
  • The Security Development Lifecycle Process
    • Stage 0 : education and awareness
    • Stage 1 : project inception
    • Stage 2 : define and follow design best practices
    • Stage 3 : product risk assessment
    • Stage 4 : risk analysis
    • Stage 5 : creating security documents, tools, and best practices for customers
    • Stage 6 : secure coding policies
    • Stage 7 : secure testing policies
    • Stage 8 : the security push
    • Stage 9 : the final security review
    • Stage 10 : security response planning
    • Stage 11 : product release
    • Stage 12 : security response execution
  • SDL Reference Material
    • Integrating SDL with agile methods
    • SDL banned function calls
    • SDL minimum cryptographic standards
    • SDL-required tools and compiler options
    • Threat tree patterns
Voir tout
Replier

Caractéristiques techniques

  PAPIER
Éditeur(s) Microsoft Press
Auteur(s) Michael Howard, Steven Lipner
Parution 15/06/2006
Nb. de pages 330
Format 19 x 23
Couverture Broché
Poids 740g
Intérieur Noir et Blanc
EAN13 9780735622142
ISBN13 978-0-7356-2214-2

Avantages Eyrolles.com

Livraison à partir de 0,01 en France métropolitaine
Paiement en ligne SÉCURISÉ
Livraison dans le monde
Retour sous 15 jours
+ d'un million et demi de livres disponibles
satisfait ou remboursé
Satisfait ou remboursé
Paiement sécurisé
modes de paiement
Paiement à l'expédition
partout dans le monde
Livraison partout dans le monde
Service clients sav@commande.eyrolles.com
librairie française
Librairie française depuis 1925
Recevez nos newsletters
Vous serez régulièrement informé(e) de toutes nos actualités.
Inscription