
Agile Application Security
Enabling Security in a Continuous Delivery Pipeline
O'Reilly (Publisher)
Published on 26 September 2017
Book
Paperback/Softback
376 pages
978-1-4919-3884-3 (ISBN)
Description
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.
You'll learn how to:
Add security practices to each stage of your existing development lifecycle
Integrate security with planning, requirements, design, and at the code level
Include security testing as part of your team's effort to deliver working software in each release
Implement regulatory compliance in an agile or DevOps environment
Build an effective security program through a culture of empathy, openness, transparency, and collaboration
More details
Language
English
Place of publication
Sebastopol
United States
Target group
Professional and scholarly
Product notice
Paperback (trade)
Unsewn / adhesive bound
Dimensions
Height: 235 mm
Width: 179 mm
Thickness: 24 mm
Weight
678 g
ISBN-13
978-1-4919-3884-3 (9781491938843)
Other editions

Laura Bell | Michael Brunton-Spall | Rich Smith
Agile Application Security
Enabling Security in a Continuous Delivery Pipeline
E-Book
09/2017
O'Reilly
€42.49
Available for download

Persons
Laura Bell is the founder and lead consultant for SafeStack, a security training, development, and consultancy firm. Laura is a software developer and penetration tester specializing in the management of information and application security risk within start-up and agile organizations. Over the past decade she has held a range of security and development roles and experienced first-hand the challenges of developing performant, scalable and secure systems. Historically the security function of an organization has been separate from the technical innovators, however Laura educates clients and audiences that in modern business this no longer works. Developers and implementers want to be empowered to understand their own security risk and address it.

Michael Brunton-Spall is the lead security architect for Government Technology, Government Digital Service, a service in the Cabinet Office of the UK Government. He helps set and assess security standards and advises on building secure services within government. He works as a consulting architect with a variety of government departments, helping them understand and implement Agile, DevOps, service operation and modern web architectures. Previously Michael has worked in the news industry, the gaming industry, the finance industry and the gambling industry.

Rich Smith, Director of Security Engineering at Etsy, leads a fearless band of cyber-guardians in defending Etsy's members, sellers, and knitted goods from the evils of the Interwebs. Prior to his role at Etsy, Rich co-founded Syndis, Iceland's premier technical security consultancy, where he continues to be an advisor and board member.