買這商品的人也買了...
-
分散式物件新技術圖解入門 (Distributed Object)$420$328 -
$780CMMI: Guidelines for Process Integration and Product Improvement (Harcover) -
Developing Series 60 Applications : A Guide for Symbian OS C++ Developers (Paperback)$2,170$2,062 -
人月神話:軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)$480$379 -
Threat Modeling$1,500$1,425 -
UML 560 個應用範例技巧大全集-適用於 Java / VB.NET / C++$520$406 -
深入淺出設計模式 (Head First Design Patterns)$880$695 -
Rootkits: Subverting the Windows Kernel (Paperback)$2,275$2,161 -
Java 認證 SCJP 5.0 猛虎出閘$650$514 -
ASP.NET 2.0 深度剖析範例集$650$507 -
Linux 驅動程式, 3/e (Linux Device Drivers, 3/e)$980$774 -
Visual C# 2005 精要剖析$650$553 -
精通 MFC 視窗程式設計─Visual Studio 2005 版$750$593 -
The Wargame:駭客訓練基地─駭客防駭實戰演練$550$468 -
Ajax 技術手冊 (Foundations of Ajax)$450$356 -
$875Hunting Security Bugs (Paperback) -
MIS 網管聖經$620$558 -
次世代─Linux Ubuntu 玩全手冊$580$522 -
Developing Drivers with the Windows Driver Foundation (Paperback)$2,330$2,214 -
現代嵌入式系統開發專案實務-菜鳥成長日誌與專案經理的私房菜$600$480 -
最新 PHP + MySQL + AJAX 網頁程式設計$650$553 -
程式之美-微軟技術面試心得$490$417 -
Computer Organization and Design, 4/e : The Hardware/Software Interface (Paperback)$3,130$2,974 -
雲端運算 (Cloud Computing: Web-Based Applications That Change the Way You Work and Collaborate Online)$400$316 -
UML 團隊開發流程與管理$520$442
商品描述
Description
Your in-depth, expert guide to the proven process that helps reduce security bugs.
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.
Discover how to:
•Use a streamlined risk-analysis process to find security design issues before code is committed
•Apply secure-coding best practices and a proven testing process
•Conduct a final security review before a product ships
•Arm customers with prescriptive guidance to configure and deploy your product more securely
•Establish a plan to respond to new security vulnerabilities
•Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum
Includes a CD featuring:
•A six-part security class video conducted by the authors and other Microsoft security experts
•Sample SDL documents and fuzz testing tool
