The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software (Paperback)
暫譯: 安全開發生命週期:SDL:開發可證明更安全軟體的過程 (平裝本)
Michael Howard, Steve Lipner
買這商品的人也買了...
-
分散式物件新技術圖解入門 (Distributed Object)$420$328 -
$780CMMI: Guidelines for Process Integration and Product Improvement (Harcover) -
Developing Series 60 Applications : A Guide for Symbian OS C++ Developers (Paperback)$2,060$1,957 -
人月神話:軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)$480$379 -
Threat Modeling$1,420$1,349 -
UML 560 個應用範例技巧大全集-適用於 Java / VB.NET / C++$520$155 -
深入淺出設計模式 (Head First Design Patterns)$880$695 -
Rootkits: Subverting the Windows Kernel (Paperback)$2,370$2,252 -
Java 認證 SCJP 5.0 猛虎出閘$650$514 -
ASP.NET 2.0 深度剖析範例集$650$507 -
Linux 驅動程式, 3/e (Linux Device Drivers, 3/e)$980$774 -
Visual C# 2005 精要剖析$650$514 -
精通 MFC 視窗程式設計─Visual Studio 2005 版$750$593 -
The Wargame:駭客訓練基地─駭客防駭實戰演練$550$468 -
Ajax 技術手冊 (Foundations of Ajax)$450$356 -
$875Hunting Security Bugs (Paperback) -
MIS 網管聖經$620$490 -
次世代─Linux Ubuntu 玩全手冊$580$493 -
Developing Drivers with the Windows Driver Foundation (Paperback)$2,210$2,100 -
現代嵌入式系統開發專案實務-菜鳥成長日誌與專案經理的私房菜$600$480 -
最新 PHP + MySQL + AJAX 網頁程式設計$650$553 -
程式之美-微軟技術面試心得$490$387 -
Computer Organization and Design, 4/e : The Hardware/Software Interface (Paperback)$3,160$3,002 -
雲端運算 (Cloud Computing: Web-Based Applications That Change the Way You Work and Collaborate Online)$400$316 -
UML 團隊開發流程與管理$520$411
商品描述
Description
Your in-depth, expert guide to the proven process that helps reduce security bugs.
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.
Discover how to:
•Use a streamlined risk-analysis process to find security design issues before code is committed
•Apply secure-coding best practices and a proven testing process
•Conduct a final security review before a product ships
•Arm customers with prescriptive guidance to configure and deploy your product more securely
•Establish a plan to respond to new security vulnerabilities
•Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum
Includes a CD featuring:
•A six-part security class video conducted by the authors and other Microsoft security experts
•Sample SDL documents and fuzz testing tool
商品描述(中文翻譯)
**描述**
您的深入專家指南,幫助減少安全漏洞的有效流程。
您的客戶要求並應該在其軟體中獲得更好的安全性和隱私。本書首次詳細介紹了一種嚴謹且經過驗證的方法論,能夠可量化地減少安全漏洞——安全開發生命週期(Security Development Lifecycle, SDL)。在這本期待已久的書中,來自微軟安全工程團隊的安全專家Michael Howard和Steve Lipner將引導您了解SDL的每個階段——從教育和設計到測試和發布後。您將獲得他們的第一手見解、最佳實踐、SDL的實用歷史以及幫助您在任何開發組織中實施SDL的經驗教訓。
了解如何:
• 使用精簡的風險分析流程,在代碼提交之前找到安全設計問題
• 應用安全編碼最佳實踐和經過驗證的測試流程
• 在產品發佈前進行最終的安全審查
• 為客戶提供指導,以更安全地配置和部署您的產品
• 建立應對新安全漏洞的計劃
• 將安全紀律整合到敏捷方法和流程中,例如極限編程(Extreme Programming)和Scrum
包括一張CD,內容包括:
• 由作者和其他微軟安全專家主講的六部分安全課程視頻
• SDL範本文件和模糊測試工具
