Название: Threat Modeling: Risk Identification and Avoidance in Secure Design (Early Release) Автор: Izar Tarandach, Matthew J. Coles Издательство: O’Reilly Media, Inc. Год: 2019 Язык: английский Формат: epub, pdf (conv) Размер: 10.3 MB
Threat modeling is one of the most essential—and most misunderstood—parts of the development lifecycle. Whether you’re a security practitioner or application developer, this book will help you gain a better understanding of core concepts and how to apply them to your practice to protect your systems from threats.
Threat Modeling as a discipline has for long been considered either a black art that only some could aspire to master, an enterprise practice that had little to no use for the start-up or the individual developer, or simply a documentation exercise that amounted to not much more than a waste of time.
Lately, as of 2019, Threat Modeling has begun to receive more attention from defenders, developers and architects everywhere: we see a larger presence in security conferences, consulting requirements, training and tooling, and even in job postings. In this chapter you will examine why that is happening by looking at what Threat Modeling is, why it is important and why it supports securing your development process, product and deployment, making you and your team more effective and rounded architects and developers.
Threat Modeling is a conceptual exercise that aims at understanding what characteristics of a system’s design should be modified in order to reduce the security risk to an acceptable level for the owners, users and operators of the system.
Скачать Threat Modeling (Early Release)
|