Edition: 1
Authors: Aspen Olmsted
Series:
ISBN: 1835462839, 9781835462836
Publisher: Packt Publishing
Year of publication: 2024
Number of pages: 461
Language: English
File format: PDF (converted to PDF, EPUB or AZW3 on user request)
File size: 12 MB
If you need the file of Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects converted to PDF, EPUB, AZW3, MOBI or DJVU, you can notify support so that they convert the file for you.
Note that Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects is the original-language edition and has not been translated into Persian. The International Library website offers original-language books and does not offer any books translated into or written in Persian.
Security-Driven Software Development
Contributors
    About the author
    About the reviewer
Preface
    Who this book is for
    What this book covers
    To get the most out of this book
    Conventions used
    Get in touch
    Share your thoughts
    Download a free PDF copy of this book

Part 1: Modeling a Secure Application

Chapter 1: Security Principles
    What could go wrong?
    Principles
    Open Web Application Security Project
    NIST’s Secure Software Development Framework
    MITRE frameworks
    Software development lifecycles
    Microsoft’s Security Development Lifecycle
    Confidentiality, integrity, and availability
    Summary
    Self-assessment questions
    Answers

Chapter 2: Designing a Secure Functional Model
    Requirements gathering and specification
    Non-functional requirements and security
    Capturing scenarios
    Textual use cases and misuse cases
    Graphical use cases and misuse cases
    Graphical use case diagram
    Graphical misuse case diagram
    Example enterprise secure functional model
    Purchase of tickets via self-service
    Trying to purchase tickets beyond the patron limit
    Summary
    Self-assessment questions
    Answers

Chapter 3: Designing a Secure Object Model
    Identify objects and relationships
    Class diagrams
    Stereotypes
    Invariants
    Example of the enterprise secure object model
    Summary
    Self-assessment questions
    Answers

Chapter 4: Designing a Secure Dynamic Model
    Technical requirements
    Object behavior
    Modeling interactions between objects
    UML sequence diagrams
    UML activity diagrams
    Constraints
    Example of the enterprise secure dynamic model
    Summary
    Self-assessment questions
    Answers

Chapter 5: Designing a Secure System Model
    Partitions
    Modeling interactions between partitions
    UML component diagrams
    Patterns
    Example – developing an enterprise secure system model
    Summary
    Self-assessment questions
    Answers

Chapter 6: Threat Modeling
    Threat model overview
    The STRIDE threat model
    The DREAD threat model
    Attack trees
    Mitigations
    Microsoft Threat Modeling Tool
    Example of an enterprise threat model
    Summary
    Self-assessment questions
    Answers

Part 2: Mitigating Risks in Implementation

Chapter 7: Authentication and Authorization
    Authentication
    Authorization
    Security Models
    Single sign-on and open authorization
    Single sign-on (SSO)
    Open authorization (OAuth)
    Implementing SSO and OAuth with Google
    Example of enterprise implementation
    Summary
    Self-assessment questions
    Answers

Chapter 8: Input Validation and Sanitization
    Input validation
    Input sanitization
    Language-specific defenses
    Buffer overflows
    Example of the enterprise input validation and sanitization
    Summary
    Self-assessment questions
    Answers

Chapter 9: Standard Web Application Vulnerabilities
    Injection attacks
    Broken authentication and session management
    Request forgery
    Language-specific defenses
    Example of enterprise web defenses
    Summary
    Self-assessment questions
    Answers

Chapter 10: Database Security
    Overview of SQL
    SQL injection
    Maintaining database correctness
    Managing activity concurrency
    Language-specific defenses
    RBAC security in DBMS
    Encryption in DBMS
    An example of enterprise DB security
    Summary
    Self-assessment questions
    Answers

Part 3: Security Validation

Chapter 11: Unit Testing
    The principles of unit testing
    The advantages of unit testing
    Unit testing frameworks
    An example of enterprise threat model
    PHPUnit
    JUnit
    PyUnit
    Summary
    Self-assessment questions
    Answers

Chapter 12: Regression Testing
    Regression testing overview
    Key concepts
    Process
    Benefits
    Robotic process automation
    The intersection of RPA and regression testing
    Regression testing tools
    Load testing
    Integration and complementarity
    UI.Vision RPA
    Example of the enterprise regression tests
    Summary
    Self-assessment questions
    Answers

Chapter 13: Integration, System, and Acceptance Testing
    Types of integration tests
    Mocks
    Stubs
    Examples of enterprise integration testing
    System testing
    Acceptance testing
    Summary
    Self-assessment questions
    Answers

Chapter 14: Software Penetration Testing
    Types of tests
    Phases
    Tools
    Information gathering and reconnaissance
    Vulnerability analysis and exploitation
    Post-exploitation and privilege escalation
    Network sniffing
    Forensics and monitoring
    Reporting and documentation
    An example of an enterprise penetration test report
    High-level summary
    Host analysis
    Summary
    Self-assessment questions
    Answers

Index
Why subscribe?
Other Books You May Enjoy
    Packt is searching for authors like you
    Share your thoughts
    Download a free PDF copy of this book