Seems you have not registered as a member of localhost.saystem.shop!
You may have to register before you can download all our books and magazines, click the sign up button below to create a free account.
Threat Modeling
Threat modeling is one of the most essential--and most misunderstood--parts of the development lifecycle. Whether you're a security practitioner or a member of a development team, this book will help you gain a better understanding of how you can apply core threat modeling concepts to your practice to protect your systems against threats. Contrary to popular belief, threat modeling doesn't require advanced security knowledge to initiate or a Herculean effort to sustain. But it is critical for spotting and addressing potential concerns in a cost-effective way before the code's written--and before it's too late to find a solution. Authors Izar Tarandach and Matthew Coles walk you through vario...
Building in Security at Agile Speed
Today's high-speed and rapidly changing development environments demand equally high-speed security practices. Still, achieving security remains a human endeavor, a core part of designing, generating and verifying software. Dr. James Ransome and Brook S.E. Schoenfield have built upon their previous works to explain that security starts with people; ultimately, humans generate software security. People collectively act through a particular and distinct set of methodologies, processes, and technologies that the authors have brought together into a newly designed, holistic, generic software development lifecycle facilitating software security at Agile, DevOps speed. —Eric. S. Yuan, Founder an...
Designing and Developing Secure Azure Solutions
Plan, build, and maintain highly secure Azure applications and workloads As business-critical applications and workloads move to the Microsoft Azure cloud, they must stand up against dangerous new threats. That means you must build robust security into your designs, use proven best practices across the entire development lifecycle, and combine multiple Azure services to optimize security. Now, a team of leading Azure security experts shows how to do just that. Drawing on extensive experience securing Azure workloads, the authors present a practical tutorial for addressing immediate security challenges, and a definitive design reference to rely on for years. Learn how to make the most of the ...
Automating API Delivery
Improve speed, quality, AND cost by automating your API delivery process! Automating API Delivery shows you how to strike the perfect balance between speed and usability by applying DevOps automation principles to your API design and delivery process. It lays out a clear path to making both the organizational and technical changes you need to deliver high-quality APIs both rapidly and reliably. In Automating API Delivery you’ll learn how to: Enforce API design standards with linting Automate breaking-change checks to control design creep Ensure accuracy of API reference documents Centralize API definition consistency checks Automate API configuration deployment Conduct effective API design...
ISSE 2014 Securing Electronic Business Processes
This book presents the most interesting talks given at ISSE 2014 – the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The reader may expect state-of-the-art: best papers of the Conference ISSE 2014.
The Staff Engineer's Path
For years, companies have rewarded their most effective engineers with management positions. But treating management as the default path for an engineer with leadership ability doesn't serve the industry well--or the engineer. The staff engineer's path allows engineers to contribute at a high level as role models, driving big projects, determining technical strategy, and raising everyone's skills. This in-depth book shows you how to understand your role, manage your time, master strategic thinking, and set the standard for technical work. You'll read about how to be a leader without direct authority, how to plan ahead to make the right technical decisions, and how to make everyone around you better, while still growing as an expert in your domain. By exploring the three pillars of a staff engineer's job, Tanya Reilly, a veteran of the staff engineer track, shows you how to: Take a broad, strategic view when thinking about your work Dive into practical tactics for making projects succeed Determine what "good engineering" means in your organization
Mastering API Architecture
Most organizations with a web presence build and operate APIs; the doorway for customers to interact with the company's services. Designing, building, and managing these critical programs affect everyone in the organization, from engineers and product owners to C-suite executives. But the real challenge for developers and solution architects is creating an API platform from the ground up. With this practical book, you'll learn strategies for building and testing REST APIs that use API gateways to combine offerings at the microservice level. Authors James Gough, Daniel Bryant, and Matthew Auburn demonstrate how simple additions to this infrastructure can help engineers and organizations migra...
Security Architecture for Hybrid Cloud
As the transformation to hybrid multicloud accelerates, businesses require a structured approach to securing their workloads. Adopting zero trust principles demands a systematic set of practices to deliver secure solutions. Regulated businesses, in particular, demand rigor in the architectural process to ensure the effectiveness of security controls and continued protection. This book provides the first comprehensive method for hybrid multicloud security, integrating proven architectural techniques to deliver a comprehensive end-to-end security method with compliance, threat modeling, and zero trust practices. This method ensures repeatability and consistency in the development of secure sol...
97 Things Every Application Security Professional Should Know
As technology continues to advance and more business is conducted online, the potential attack surface increases exponentially and the need for strong application security measures become more and more crucial. This goes double for any organization that handles sensitive personal or financial information which is usually subject to government regulation. The consequences of a successful attack at the application level can be devastating for an organization, ranging from loss of revenue, to damaged reputation, to potential fines and other penalties. This book also introduces you to: What's considered application security and what security professionals should know What developers or software ...
Implementing Database Security and Auditing
This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing - including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various database environments or that have been used to attack databases (and that have since been fixed). These will often be explained to an "internals level. There are many sections which outline the "anatomy of an attack – before delvi...
