Book description
As countless breaches have proved, application security is no longer optional. But most established and trusted app sec tools were developed 10–15 years ago for a different world of software development. The next generation of software brings a different set of risks that requires new processes to manage. This report examines the security implications involved in next-generation software, from the code itself to the methodologies by which it’s developed and the infrastructure surrounding its use.
Cindy Blake shows you what this new software landscape looks like, covering new and evolving development technologies, tools, and frameworks and why they’re relevant to security. CISOs will see why cloud native and serverless architectures (for building software) and DevOps and Agile methodologies (for managing it) are critical areas for application security as they learn the 10 steps for securing next-generation software.
- Discover the DevOps principles that CISOs often overlook
- Explore three critical shifts of next-gen software and how they impact security
- Dive into a next-gen application security program
- Get practical advice for securing next-generation software
Table of contents
- Foreword
- 10 Steps Every CISO Should Take to Secure Next-Gen Software
- Context: DevOps Principles That CISOs Often Overlook
- Three Critical Shifts of Next-Generation Software and How They Affect Security
- Shift 1: How Software Is Composed and Executed
- Shift 2: How Software Is Delivered and Managed
- Shift 3: How Software Complies with Regulatory Requirements
- What Lies Ahead for DevOps
- Defining the Next-Generation Application Security Program
- Practical Advice for Securing Next-Generation Software
- Get in Front of the Change: “You Are Here”
- Rethink Security as an Outcome, Not a Department
- Start with the Process: Use Tools to Enable Change
- Solve for Obvious Cases: Breadth over Depth
- Unite the Workflow of Development and Security
- Monitor and Protect Applications in Production
- Align with Development Objectives
- Secure the SDLC
- Conclusion
Product information
- Title: 10 Steps Every CISO Should Take to Secure Next-Gen Software
- Author(s): Cindy Blake
- Release date: November 2019
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492082903