CSSLP Certification All-in-One Exam Guide, Second Edition, 2nd Edition

CHAPTER 8 Design Processes

In this chapter you will

• Examine the concept of attack surfaces and attack surface minimization

• Examine the use of threat modeling to reduce vulnerabilities

• Examine the integration of enterprise security controls to mitigate threats in software

• Explore risks associated with code reuse

• Learn how security gate reviews can use threat modeling and attack surface information to improve security

Security implementation begins with requirements, and becomes built in if designed in as part of the design phase of the secure development lifecycle (SDL). Designing in the security requirements enables the coding and implementation phases to create a more secure product. Minimization of vulnerabilities is ...

Get CSSLP Certification All-in-One Exam Guide, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CSSLP Certification All-in-One Exam Guide, Second Edition, 2nd Edition by Wm. Arthur Conklin, Daniel Paul Shoemaker

CHAPTER 8

Design Processes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly