(ISC)2 PRESS

Opis produktu

The text allows readers to learn about software security from a renowned security practitioner who is the appointed software assurance advisor for (ISC)2. Complete with numerous illustrations it makes complex security concepts easy to understand and implement. In addition to being a valuable resource for those studying for the CSSLP examination this book is also an indispensable software security reference for those already part of the certified elite. A robust and comprehensive appendix makes this book a timesaving resource for anyone involved in secure software development.Application vulnerabilities continue to top the list of cyber security concerns. While attackers and researchers continue to expose new application vulnerabilities the most common application flaws are previous rediscovered threats. For example SQL injection and crosssite scripting (XSS) have appeared on the Open Web Application Security Project (OWASP) Top 10 list year after year over the past decade. This high volume of known application vulnerabilities suggests that many development teams do not have the security resources needed to address all potential security flaws and a clear shortage of qualified professionals with application security skills exists. Without action this soft underbelly of business and governmental entities has and will continue to be exposed with serious consequencesdata breaches disrupted operations lost business brand damage and regulatory fines. This is why it is essential for software professionals to stay current on the latest advances in software development and the new security threats they create. Recognized as one of the best application security tools available for professionals involved in software development the Official (ISC)2 Guide to the CSSLP CBK Second Edition is both uptodate and relevant reflecting the latest developments in this everchanging field and providing an intuitive approach to the CSSLP Common Body of Knowledge (CBK). It provides a robust and comprehensive study of the 8 domains of the CBK covering everything from ensuring software security requirements are included in the software design phase to programming concepts that can effectively protect software from vulnerabilities to addressing issues pertaining to proper testing of software for security and implementing industry standards and practices to provide a high level of assurance that the supply chain is secureboth upstream. The book discusses the issues facing software professionals today such as mobile app development developing in the cloud software supply chain risk management and more. Numerous illustrated examples and practical exercises are included in this book to help the reader understand the concepts within the CBK and to enable them to apply these concepts in reallife situations. Endorsed by (ISC)2 and written and reviewed by CSSLPs and other (ISC)2 members this book serves as an unrivaled study tool for the certif

Data Publikacji: 2013-08-20
Wymiary: 254 mm 178 mm 1840 gr