Agile Application Security: Enabling Security in a Continuous Delivery Pipeline - Softcover

Bell, Laura; Brunton-Spall, Michael; Smith, Rich

 
9781491938843: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
Softcover
ISBN 10: 1491938846 ISBN 13: 9781491938843
Verlag: O'Reilly Media, 2017

Inhaltsangabe

Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren’t up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.

Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.

You’ll learn how to:

  • Add security practices to each stage of your existing development lifecycle
  • Integrate security with planning, requirements, design, and at the code level
  • Include security testing as part of your team’s effort to deliver working software in each release
  • Implement regulatory compliance in an agile or DevOps environment
  • Build an effective security program through a culture of empathy, openness, transparency, and collaboration

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.

Über die Autorin bzw. den Autor

Laura Bell is the founder and lead consultant for SafeStack, a security training, development, and consultancy firm.

Laura is a software developer and penetration tester specializing in the management of information and application security risk within start-up and agile organizations. Over the past decade she has held a range of security and development roles and experienced first-hand the challenges of developing performant, scalable and secure systems. Historically the security function of an organization has been separate from the technical innovators, however Laura educates clients and audiences that in modern business this no longer works. Developers and implementers want to be empowered to understand their own security risk and address it.

Michael Brunton-Spall is the deputy director of technology and operations at Government Digital Service, part of the Cabinet Office in the UK Government. He helps set and assess security standards and advises on building secure services within government. He works as a consulting architect with a variety of government departments, helping them understand and implement Agile, DevOps, service operation and modern web architectures. Previously Michael has worked in the news industry, the gaming industry, the finance industry and the gambling industry.

Rich Smith is the Director of R&D for Duo Labs, supporting the advanced security research agenda for Duo Security. Prior to joining Duo, Rich was Director of Security at Etsy, co-founder of Icelandic red team startup, Syndis, and has held various roles on security teams at Immunity, Kyrus, Morgan Stanley, and HP Labs. Rich has worked professionally in the security space since the late 90’s covering a range of activities including building security organizations, security consulting, penetration testing, red teaming, offensive research, and developing exploits and attack tooling. He has worked in both the public and private sectors in the U.S., Europe, and Scandinavia, and currently spends most of his time bouncing between Detroit, Reykjavik and NYC.

Jim Bird is a CTO, software development manager, and project manager with more than 20 years of experience in financial services technology. He has worked with stock exchanges, central banks, clearinghouses, securities regulators, and trading firms in more than 30 countries. He is currently the CTO of a major US-based institutional alternative trading system.

Jim has been working in Agile and DevOps environments in financial services for several years. His first experience with incremental and iterative (“step-by-step”) development was back in the early 1990s, when he worked at a West Coast tech firm that developed, tested, and shipped software in monthly releases to customers around the world—he didn’t realize how unique that was at the time. Jim is active in the DevOps and AppSec communities, is a contributor to the Open Web Application Security Project (OWASP), and occasionally helps out as an analyst for the SANS Institute.

„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.

Verlag
O'Reilly Media
Erscheinungsdatum
2017
Sprache
Englisch
ISBN 10 
1491938846
ISBN 13 
9781491938843
Einband
Taschenbuch
Anzahl der Seiten
386
Kontakt zum Hersteller
O'Reilly
https://oreilly.com

1005 Gravenstein Highway North
Sebastopol
CA
95472
USA
Verantwortliche Person
preigu
mail@preigu.de

Lengericher Landstr. 19
Osnabrück
49078
Deutschland

Weitere beliebte Ausgaben desselben Titels

9789352136292: AGILE APPLICATION SECURITY ENABING SECURITY IN A CONTINUOUS DELIVERY [Paperback] [Jan 01, 2017] BELL

Vorgestellte Ausgabe

ISBN 10:  9352136292 ISBN 13:  9789352136292
Softcover