Prof. dr. Barry Derksen is a professor at Antwerp Management School, Novi University Applied Sciences and VU Amsterdam (postgraduate IT audit, Compliancy & Advisory). He is Global Director Trust & Security (CISO) at LeasePlan and a board member at ISACA and SSA (SecureSoftwareAlliance.org).
Agile Secure Software Lifecycle Management
Secure by Agile Design
Paperback, English, 2019, 1st edition, ISBN 9789081786652
Summary
'Agile', '... SCRUM', '... DevOps ...', 'Big Data', 'Internet of Things (IoT)', '... Blockchain ...' are just a few of the buzzwords that can be heard and read everywhere today.
All of these terms have an enormous influence, directly or indirectly, on humanity. We all use the technology, from smartphones to self-driving cars. And all this technology has one thing in common: it is controlled by software!
Every day we also read the headlines about hackers, cyber-crime, DDoS and the many other possibilities of abuse, failure, theft, loss or leakage of important (personal) information or money. Safe software, both in development and in use, is therefore not a luxury.
Seeing that organizations are adopting Agile development at a rapid pace, the Secure Software Alliance (https://securesoftwarealliance.org) aims to provide methods and controls for secure development. In this book the Agile Secure Software Development Framework is introduced together with a method for maturing the Agile Secure Software Development Life Cycle. In short sprints the need, the trends, the fundamentals and agile secure software development are explained. The Secure Software Alliance (SSA) provides organizations with a practical method to build and manage agile secure software in sprints six and seven of this book.
Our method is part of the Roadmap for Digital Hard- and Software Security of the Dutch Government. The not-for-profit SSA aims to assure the security of software! This book is an important step toward this objective.
About Monique Neggers
About Danny Onwezen
About Stef Zelen
Table of contents
Sprint 1: Because we have to!
Sprint 2: A developer meets the hacker
Customer seeks developer
Developer speaks hacker
Developer meets SSA
Sprint 3: Agile beats structure
Megatrends ‘Sling of clock’
Megatrends ‘Social Media’
Megatrends ‘Mobile Living’
Megatrends ‘Analytics’
Megatrends ‘Agile beats structure’
Megatrends ‘In the Clouds’
Megatrends ‘Internet of Things’
Megatrends ‘Chain- and process management trends’
Megatrends ‘Privacy is a myth’
Megatrends ‘Not a few super ego’s but all hyperego’s’
Disruption in summary: SMAACT
Sprint 4: Software Security Fundamentals
Software Security Fundamentals
Risks associated with vulnerable software
Understanding the Software Attack Surface
Risk and Value are not equally distributed
Secure Software in SDLC
Sprint 5: Introducing Agile secure software development
Main differences agile and waterfall
Agile security considerations
Sprint 6: Agile Secure Software Development Framework
Objectives of the framework
Stakeholders of the framework
Framework Secure Software
Context phase
Threats phase
Implementation phase
Verification phase
Controls
Sprint 7: Maturing Agile secure software development Life Cycle
Introducing Software Assurance Maturity Model
Building the Agile Software Assurance Maturity Model
- Risk Epics
- Risk Backlog
- Control Testing
- Risk & Security processes
Measuring ASAMM
Sprint 8: Roadmap for Digital Hard- and Software Security
Introduction
Basic principles
Product life-cycle approach
Joint responsibility
Balancing public values
Portfolio approach
Room for a complementary (differentiated) approach