Book description
As countless breaches have proved, application security is no longer optional. But most established and trusted app sec tools were developed 10–15 years ago for a different world of software development. The next generation of software brings a different set of risks that requires new processes to manage. This report examines the security implications involved in next-generation software, from the code itself to the methodologies by which it’s developed and the infrastructure surrounding its use.
Cindy Blake shows you what this new software landscape looks like, covering new and evolving development technologies, tools, and frameworks and why they’re relevant to security. CISOs will see why cloud native and serverless architectures (for building software) and DevOps and Agile methodologies (for managing it) are critical areas for application security as they learn the 10 steps for securing next-generation software.
- Discover the DevOps principles that CISOs often overlook
- Explore three critical shifts of next-gen software and how they impact security
- Dive into a next-gen application security program
- Get practical advice for securing next-generation software
Table of contents
- Foreword
- 10 Steps Every CISO Should Take to Secure Next-Gen Software
- Context: DevOps Principles That CISOs Often Overlook
- Three Critical Shifts of Next-Generation Software and How They Affect Security
- Shift 1: How Software Is Composed and Executed
- Shift 2: How Software Is Delivered and Managed
- Shift 3: How Software Complies with Regulatory Requirements
- What Lies Ahead for DevOps
- Defining the Next-Generation Application Security Program
- Practical Advice for Securing Next-Generation Software
- Get in Front of the Change: “You Are Here”
- Rethink Security as an Outcome, Not a Department
- Start with the Process: Use Tools to Enable Change
- Solve for Obvious Cases: Breadth over Depth
- Unite the Workflow of Development and Security
- Monitor and Protect Applications in Production
- Align with Development Objectives
- Secure the SDLC
- Conclusion
Product information
- Title: 10 Steps Every CISO Should Take to Secure Next-Gen Software
- Author(s): Cindy Blake
- Release date: November 2019
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492082903