×
Dodano do koszyka:
Pozycja znajduje się w koszyku, zwiększono ilość tej pozycji:
Zakupiłeś już tę pozycję:
Książkę możesz pobrać z biblioteki w panelu użytkownika
Pozycja znajduje się w koszyku
Przejdź do koszyka

Zawartość koszyka

ODBIERZ TWÓJ BONUS :: »

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture Brett Crawley, Adam Shostack

(ebook) (audiobook) (audiobook) Książka w języku angielskim
Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture Brett Crawley, Adam Shostack - okladka książki

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture Brett Crawley, Adam Shostack - okladka książki

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture Brett Crawley, Adam Shostack - audiobook MP3

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture Brett Crawley, Adam Shostack - audiobook CD

Autorzy:
Brett Crawley, Adam Shostack
Serie wydawnicze:
Hands-on
Ocena:
Bądź pierwszym, który oceni tę książkę
Stron:
256
Dostępne formaty:
     PDF
     ePub
Zostało Ci na świąteczne zamówienie opcje wysyłki »
Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.
Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.
By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.

Wybrane bestsellery

O autorze książki

Brett Crawley is a Principal Application Security Engineer, (ISC)² CISSP, CSSLP, and CCSP certified, the project lead on the OWASP Application Security Awareness Campaigns project, and the author of the ostering blog on security. He has published a Miro template for threat modeling with the Elevation of Privilege card game, the CAPEC S.T.R.I.D.E. mapping mind maps, and other resources.
With over 10 years of application security experience and over 25 years of software engineering experience, he has worked with teams to define their security best practices and introduce security by design into their existing SDLC. As part of this initiative, he has trained teams in threat modeling because he believes good design is of key importance.

Zobacz pozostałe książki z serii Hands-on

Packt Publishing - inne książki

Zamknij

Przenieś na półkę

Proszę czekać...
ajax-loader

Zamknij

Wybierz metodę płatności

Ebook
98,10 zł
Dodaj do koszyka
Zamknij Pobierz aplikację mobilną Ebookpoint
Zabrania się wykorzystania treści strony do celów eksploracji tekstu i danych (TDM), w tym eksploracji w celu szkolenia technologii AI i innych systemów uczenia maszynowego. It is forbidden to use the content of the site for text and data mining (TDM), including mining for training AI technologies and other machine learning systems.