Agile Application Security: Enabling Security in a Continuous Delivery Pipeline

ISBN-10: 1491938811
ISBN-13: 9781491938812
Category: Computers
Pages: 386
Language: English
Published: 2017-09-08
Publisher: O'Reilly Media, Inc.
Authors: Laura Bell, Michael Brunton-Spall, Rich Smith

Description

Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren’t up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.

Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.

You’ll learn how to:

  • Add security practices to each stage of your existing development lifecycle
  • Integrate security with planning, requirements, design, and at the code level
  • Include security testing as part of your team’s effort to deliver working software in each release
  • Implement regulatory compliance in an agile or DevOps environment
  • Build an effective security program through a culture of empathy, openness, transparency, and collaboration

Similar books

  • Agile Application Security
    By Laura Bell, Michael Brunton-Spall, Rich Smith, Jim Bird

    Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners.

  • Practical Security for Agile and DevOps
    By Mark S. Merkow

    These tools are not perfect, and they can't see the entire application or even enough of it to substitute for running a complete scan. Instead, we recommend what's called sandbox scanning. Typically, scanners are set up for each ...

  • Secure, Resilient, and Agile Software Development
    By Mark Merkow

    Secure, Resilient, and Agile Software Development was written for the following professionals: AppSec architects and program managers in information security organizations Enterprise architecture teams with application development focus ...

  • Web Application Security: Exploitation and Countermeasures for Modern Web Applications
    By Andrew Hoffman

    This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

  • Alice and Bob Learn Application Security
    By Tanya Janca

    This book covers all the basic subjects such as threat modeling and security testing, but also dives deep into more complex and advanced topics for securing modern software systems and architectures.

  • Agile Application Lifecycle Management: Using DevOps to Drive Process Improvement
    By Bob Aiello, Leslie Sachs

    Coverage includes Understanding key concepts underlying modern application and system lifecycles Creating your best processes for developing your most complex software and systems Automating build engineering, continuous integration, and ...

  • Building in Security at Agile Speed
    By James Ransome, Brook S.E. Schoenfield

    This book presents a step-by-step process for software security that is relevant to today’s technical, operational, business, and development environments with a focus on what humans can do to control and manage the process in the form of ...

  • Web Application Security, A Beginner's Guide
    By Vincent Liu, Bryan Sullivan

    This book's templates, checklists, and examples are designed to help you get started right away.

  • Securing DevOps: Security in the Cloud
    By Julien Vehent

    A DevOps team's highest priority is understanding those risks and hardening the system against them. About the Book Securing DevOps teaches you the essential techniques to secure your cloud services.

  • Core Software Security: Security at the Source
    By James Ransome, Anmol Misra

    Van Haren, Zaltbommel, The Netherlands. McGraw, G. (2013, January 18). Cigital Justice League Blog: Securing Software Design Is Hard. Retrieved from http://www.cigital.com/justice-league-blog/2013/01/18/ Applying the ...