Designing Secure Software: A Guide for Developers

by
Format: Paperback
Pub. Date: 2021-12-21
Publisher(s): No Starch Press
List Price: $49.99


Summary

What every software professional should know about security.

Designing Secure Software consolidates Loren Kohnfelder’s more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process.
 
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography. The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
 
You’ll learn how to:

   • Identify important assets, the attack surface, and the trust boundaries in a system
   • Evaluate the effectiveness of various threat mitigation candidates
   • Work with well-known secure coding patterns and libraries
   • Understand and prevent vulnerabilities like XSS and CSRF, memory flaws, and more
   • Use security testing to proactively identify vulnerabilities introduced into code
   • Review a software design for security flaws effectively and without judgment 
 
Kohnfelder’s career, spanning decades at Microsoft and Google, introduced numerous software security initiatives, including the co-creation of the STRIDE threat modeling framework used widely today. This book is a modern, pragmatic consolidation of his best practices, insights, and ideas about the future of software.

Author Biography

Loren Kohnfelder has over 20 years of experience working in the security industry for companies like Microsoft and Google. At Microsoft, he was a key contributor to the industry’s first formalized proactive security process methodology, and program-managed the .NET platform security effort. He was also a key contributor to the first organized approach to security by any major software platform company. At Google he worked as a software engineer on the Security team and as a founding member of the Privacy team, performing numerous security design reviews of large-scale complex real-world commercial platforms and systems, while working on various projects as a developer. Now retired, Kohnfelder shares his unique experience in industry through this book.
 
