Cyber.Security.Engineering Cyber Security Engineer

文件名称: Cyber.Security.Engineering

所属分类: 网络安全

开发工具:

文件大小: 13mb

下载次数: 0

上传时间: 2016-11-22

提供者: rami****

下载 (13mb)

不能下载？报告错误

详细说明： Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehe nsive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments. Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements. This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure. Table of Contents Chapter 1. Cyber Security Engineering: Lifecycle Assurance of Systems and Software Chapter 2. Risk Analysis—Identifying and Prioritizing Needs Chapter 3. Secure Software Development Management and Organizational Models1 Chapter 4. Engineering Competencies Chapter 5. Performing Gap Analysis Chapter 6. Metrics Chapter 7. Special Topics in Cyber Security Engineering Chapter 8. Summary and Plan for Improvements in Cyber Security Engineering Performance Appendix A. WEA Case Study: Evaluating Security Risks Using Mission Threads1 Appendix B. The MSwA Body of Knowledge with Maturity Levels Added Appendix C. The Software Assurance Curriculum Project Appendix D. The Software Assurance Competency Model Designations1 Appendix E. Proposed SwA Competency Mappings Appendix F. BSIMM Assessment Final Report Appendix G. Measures from Lifecycle Activities, Security Resources, and Software Assurance Principles ...展开收缩

(系统自动生成,下载前可以参看下载内容)