
Practical Software Security
Mark Curphey (Author)
O'Reilly (Publisher)
Book
Paperback/Softback
600 pages
978-1-4493-2588-6 (ISBN)
Description
Good security shouldn't hinder your ability to build and deploy high-quality software, or compromise its unique feature set. This practical guide - written by professionals who understand software development as well as security - shows you how to painlessly make security features part of the development process. Most books on software security are written by security people for security people. This practical book helps developers determine how best to incorporate security patterns, practices, technologies, and tools into the development cycle - without making you less effective or efficient at building great software and shipping it to users as fast and as often as you can.
Learn a wide array of topics including infrastructure (and cloud) security
Understand security concepts such as identity and cryptography
Tackle security management issues including Payment Card Industry standards
More details
Language
English
Place of publication
Sebastopol
United States
Target group
Professional and scholarly
Dimensions
Height: 233 mm
Width: 178 mm
ISBN-13
978-1-4493-2588-6 (9781449325886)
Person
Mark Curphey graduated from Royal Holloway, University of London with a Master's degree in Information Security in the mid-nineties (as a mature student). Royal Holloway is recently famous as the cryptography school where the cryptographer Sophie Neveu was educated in the bestselling novel "The Da Vinci Code". After spending several years at investment banks in the City of London working on a variety of technical projects including PKI design, Windows NT security, policy development and single sign-on systems, he moved to Atlanta to run a consulting team performing security assessments at Internet Security Systems (now IBM). In late 2000 Mark took a job at Charles Schwab to create and manage the global software security program, where he was responsible for ensuring the security of all business applications protecting over a trillion dollars of customer investments. During this period Mark started OWASP (http://www.owasp.org), the Open Web Application Project. In 2003 he then joined a small startup called Foundstone to take the experience learnt at Schwab to other Fortune 1000 companies. The company was sold to McAfee in October 2004 and Mark Curphey joined the McAfee executive team reporting directly to the President. Mark was awarded the Microsoft MVP for Developer Security in 2005 for his community work in advancing the discipline of software security. In November 2006 he left Foundstone, moved back to Europe and took a year out to think seriously about the design of an information security management platform. A year later he joined Microsoft as a Product Unit Manager building static analysis tools and protection libraries for web applications. Mark currently runs the MSDN Subscriptions engineering team at Microsoft and is working on a side project with friends to launch a new security community in 2012 called Seconauts. Mark was a contributing author to Beautiful Security and has written the foreword for Innocent Code and Threats and Countermeasures.
Bill Hau is the Vice President of McAfee Professional Services for the Americas. This team of over 100 security engineers and consultants includes the Foundstone Professional Services team as well as the McAfee Product implementation team. Bill has previously worked for Internet Security Systems in Atlanta and IBL global services, where he ran operational security as an outsourced CSO for a variety of global organizations in the finance and manufacturing sectors. Bill also has a Master's degree in Information Security from Royal Holloway, University of London, where he first met Mark Curphey.