Security-Driven Software Development

Trace security requirements through each development phase, mitigating multiple-layer attacks with practical examples, and emerge equipped with the skills to build resilient applications
Key FeaturesExplore the practical application of secure software development methodologiesModel security vulnerabilities throughout the software development lifecycle (SDLC)Develop the skills to trace requirements, from requirements gathering through to implementationPurchase of the print or Kindle book includes a free PDF eBookBook DescriptionExtend your software development skills to integrate security into every aspect of your projects. Perfect for any programmer or developer working on mission-critical applications, this hands-on guide helps you adopt secure software development practices. Explore core concepts like security specifi cation, modeling, and threat mitigation with the iterative approach of this book that allows you to trace security requirements through each phase of software development. You won't stop at the basics; you'll delve into multiple-layer att acks and develop the mindset to prevent them. Through an example application project involving an entertainment ticketing software system, you'll look at high-profi le security incidents that have aff ected popular music stars and performers. Drawing from the author's decades of experience building secure applications in this domain, this book off ers comprehensive techniques where problem-solving meets practicality for secure development.
By the end of this book, you'll have gained the expertise to systematically secure software projects, from crafting robust security specifi cations to adeptly mitigating multifaceted threats, ensuring your applications stand resilient in the face of evolving cybersecurity challenges.
What you will learnFind out non-functional requirements crucial for software security, performance, and reliabilityDevelop the skills to identify and model vulnerabilities in software design and analysisAnalyze and model various threat vectors that pose risks to software applicationsAcquire strategies to mitigate security threats specific to web applicationsAddress threats to the database layer of an applicationTrace non-functional requirements through secure software designWho this book is forMany software development jobs require developing, maintaining, enhancing, administering, and defending software applications, websites, and scripts. This book is designed for software developers and web developers seeking to excel in these roles, offering concise explanations and applied example use-cases.
Table of ContentsSecurity PrinciplesDesigning a Secure Functional ModelDesigning a Secure Object ModelDesigning a Secure Dynamic ModelDesigning a Secure System ModelThreat ModelingAuthentication and AuthorizationInput Validation and SanitizationStandard Web Application VulnerabilitiesDatabase SecurityUnit TestingRegression TestingIntegration, System, and Acceptance TestingSoftware Penetration Testing