Verfügbarkeit: The security development lifecycle | Technische Universität München

The security development lifecycle: SDL, a process for developing demonstrably more secure software

Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipn...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Beteilige Person:	Howard, Michael 1965- (VerfasserIn)
Weitere beteiligte Personen:	Lipner, Steve (MitwirkendeR)
Format:	Elektronisch E-Book
Sprache:	Englisch
Veröffentlicht:	Redmond, Wash. Microsoft Press 2006
Schriftenreihe:	Best practices Microsoft secure software development series
Schlagwörter:	Computer software > Development Computer security Computer software > Reliability Sécurité informatique Logiciels ; Fiabilité COMPUTERS ; Internet ; Security COMPUTERS ; Networking ; Security COMPUTERS ; Security ; General Computer software ; Development Computer software ; Reliability
Links:	https://learning.oreilly.com/library/view/-/0735622140/?ar
Zusammenfassung:	Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL-from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization. Discover how to: Use a streamlined risk-analysis process to find security design issues before code is committed Apply secure-coding best practices and a proven testing process Conduct a final security review before a product ships Arm customers with prescriptive guidance to configure and deploy your product more securely Establish a plan to respond to new security vulnerabilities Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum Includes a CD featuring: A six-part security class video conducted by the authors and other Microsoft security experts Sample SDL documents and fuzz testing tool PLUS-Get book updates on the Web. A Note Regarding the CD or DVD The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktechoreilly.com.
Beschreibung:	Title from title screen. - Includes bibliographical references and index. - Print version record
Umfang:	1 Online-Ressource.
Format:	Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002.
ISBN:	0735622140 9780735622142 9780735635579 0735635579 0735637474 9780735637474

Internformat

MARC


LEADER	00000cam a22000002 4500
001	ZDB-30-ORH-047366494
003	DE-627-1
005	20240228114043.0
007	cr uuu---uuuuu
008	191023s2006 xx \|\|\|\|\|o 00\| \|\|eng c
020			\|a 0735622140 \|9 0-7356-2214-0
020			\|a 9780735622142 \|9 978-0-7356-2214-2
020			\|a 9780735635579 \|c electronic bk. \|9 978-0-7356-3557-9
020			\|a 0735635579 \|c electronic bk. \|9 0-7356-3557-9
020			\|a 0735637474 \|9 0-7356-3747-4
020			\|a 9780735637474 \|9 978-0-7356-3747-4
035			\|a (DE-627-1)047366494
035			\|a (DE-599)KEP047366494
035			\|a (ORHE)0735622140
035			\|a (DE-627-1)047366494
040			\|a DE-627 \|b ger \|c DE-627 \|e rda
041			\|a eng
072		7	\|a COM \|2 bisacsh
072		7	\|a COM \|2 bisacsh
072		7	\|a COM \|2 bisacsh
082	0		\|a 005.1 \|2 22
100	1		\|a Howard, Michael \|d 1965- \|e VerfasserIn \|4 aut
245	1	4	\|a The security development lifecycle \|b SDL, a process for developing demonstrably more secure software \|c Michael Howard, Steve Lipner
246	3	3	\|a SDL, a process for developing demonstrably more secure software
264		1	\|a Redmond, Wash. \|b Microsoft Press \|c 2006
264		2	\|a [Place of publication not identified] \|b HathiTrust Digital Library
300			\|a 1 Online-Ressource.
336			\|a Text \|b txt \|2 rdacontent
337			\|a Computermedien \|b c \|2 rdamedia
338			\|a Online-Ressource \|b cr \|2 rdacarrier
490	0		\|a Best practices
490	0		\|a Microsoft secure software development series
500			\|a Title from title screen. - Includes bibliographical references and index. - Print version record
506			\|f Restrictions unspecified \|2 star
520			\|a Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL-from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization. Discover how to: Use a streamlined risk-analysis process to find security design issues before code is committed Apply secure-coding best practices and a proven testing process Conduct a final security review before a product ships Arm customers with prescriptive guidance to configure and deploy your product more securely Establish a plan to respond to new security vulnerabilities Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum Includes a CD featuring: A six-part security class video conducted by the authors and other Microsoft security experts Sample SDL documents and fuzz testing tool PLUS-Get book updates on the Web. A Note Regarding the CD or DVD The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktechoreilly.com.
538			\|a Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002.
650		0	\|a Computer software \|x Development
650		0	\|a Computer security
650		0	\|a Computer software \|x Reliability
650		4	\|a Sécurité informatique
650		4	\|a Logiciels ; Fiabilité
650		4	\|a COMPUTERS ; Internet ; Security
650		4	\|a COMPUTERS ; Networking ; Security
650		4	\|a COMPUTERS ; Security ; General
650		4	\|a Computer software ; Development
650		4	\|a Computer security
650		4	\|a Computer software ; Reliability
650		4	\|a Computer security
650		4	\|a Computer software ; Development
650		4	\|a Computer software ; Reliability
700	1		\|a Lipner, Steve \|e MitwirkendeR \|4 ctb
966	4	0	\|l DE-91 \|p ZDB-30-ORH \|q TUM_PDA_ORH \|u https://learning.oreilly.com/library/view/-/0735622140/?ar \|m X:ORHE \|x Aggregator \|z lizenzpflichtig \|3 Volltext
912			\|a ZDB-30-ORH
912			\|a ZDB-30-ORH
951			\|a BO
912			\|a ZDB-30-ORH
049			\|a DE-91

Datensatz im Suchindex

DE-BY-TUM_katkey	ZDB-30-ORH-047366494
_version_	1821494916421779456
adam_text
any_adam_object
author	Howard, Michael 1965-
author2	Lipner, Steve
author2_role	ctb
author2_variant	s l sl
author_facet	Howard, Michael 1965- Lipner, Steve
author_role	aut
author_sort	Howard, Michael 1965-
author_variant	m h mh
building	Verbundindex
bvnumber	localTUM
collection	ZDB-30-ORH
ctrlnum	(DE-627-1)047366494 (DE-599)KEP047366494 (ORHE)0735622140
dewey-full	005.1
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.1
dewey-search	005.1
dewey-sort	15.1
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>04695cam a22006852 4500</leader><controlfield tag="001">ZDB-30-ORH-047366494</controlfield><controlfield tag="003">DE-627-1</controlfield><controlfield tag="005">20240228114043.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">191023s2006 xx \|\|\|\|\|o 00\| \|\|eng c</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0735622140</subfield><subfield code="9">0-7356-2214-0</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780735622142</subfield><subfield code="9">978-0-7356-2214-2</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780735635579</subfield><subfield code="c">electronic bk.</subfield><subfield code="9">978-0-7356-3557-9</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0735635579</subfield><subfield code="c">electronic bk.</subfield><subfield code="9">0-7356-3557-9</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0735637474</subfield><subfield code="9">0-7356-3747-4</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780735637474</subfield><subfield code="9">978-0-7356-3747-4</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627-1)047366494</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)KEP047366494</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(ORHE)0735622140</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627-1)047366494</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.1</subfield><subfield code="2">22</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Howard, Michael</subfield><subfield code="d">1965-</subfield><subfield code="e">VerfasserIn</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="4"><subfield code="a">The security development lifecycle</subfield><subfield code="b">SDL, a process for developing demonstrably more secure software</subfield><subfield code="c">Michael Howard, Steve Lipner</subfield></datafield><datafield tag="246" ind1="3" ind2="3"><subfield code="a">SDL, a process for developing demonstrably more secure software</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Redmond, Wash.</subfield><subfield code="b">Microsoft Press</subfield><subfield code="c">2006</subfield></datafield><datafield tag="264" ind1=" " ind2="2"><subfield code="a">[Place of publication not identified]</subfield><subfield code="b">HathiTrust Digital Library</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Best practices</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Microsoft secure software development series</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Title from title screen. - Includes bibliographical references and index. - Print version record</subfield></datafield><datafield tag="506" ind1=" " ind2=" "><subfield code="f">Restrictions unspecified</subfield><subfield code="2">star</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL-from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization. Discover how to: Use a streamlined risk-analysis process to find security design issues before code is committed Apply secure-coding best practices and a proven testing process Conduct a final security review before a product ships Arm customers with prescriptive guidance to configure and deploy your product more securely Establish a plan to respond to new security vulnerabilities Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum Includes a CD featuring: A six-part security class video conducted by the authors and other Microsoft security experts Sample SDL documents and fuzz testing tool PLUS-Get book updates on the Web. A Note Regarding the CD or DVD The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktechoreilly.com.</subfield></datafield><datafield tag="538" ind1=" " ind2=" "><subfield code="a">Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer software</subfield><subfield code="x">Development</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer software</subfield><subfield code="x">Reliability</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Sécurité informatique</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Logiciels ; Fiabilité</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">COMPUTERS ; Internet ; Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">COMPUTERS ; Networking ; Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">COMPUTERS ; Security ; General</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer software ; Development</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer software ; Reliability</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer software ; Development</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer software ; Reliability</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Lipner, Steve</subfield><subfield code="e">MitwirkendeR</subfield><subfield code="4">ctb</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-91</subfield><subfield code="p">ZDB-30-ORH</subfield><subfield code="q">TUM_PDA_ORH</subfield><subfield code="u">https://learning.oreilly.com/library/view/-/0735622140/?ar</subfield><subfield code="m">X:ORHE</subfield><subfield code="x">Aggregator</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">BO</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-91</subfield></datafield></record></collection>
id	ZDB-30-ORH-047366494
illustrated	Not Illustrated
indexdate	2025-01-17T11:21:59Z
institution	BVB
isbn	0735622140 9780735622142 9780735635579 0735635579 0735637474 9780735637474
language	English
open_access_boolean
owner	DE-91 DE-BY-TUM
owner_facet	DE-91 DE-BY-TUM
physical	1 Online-Ressource.
psigel	ZDB-30-ORH TUM_PDA_ORH ZDB-30-ORH
publishDate	2006
publishDateSearch	2006
publishDateSort	2006
publisher	Microsoft Press
record_format	marc
series2	Best practices Microsoft secure software development series
spelling	Howard, Michael 1965- VerfasserIn aut The security development lifecycle SDL, a process for developing demonstrably more secure software Michael Howard, Steve Lipner SDL, a process for developing demonstrably more secure software Redmond, Wash. Microsoft Press 2006 [Place of publication not identified] HathiTrust Digital Library 1 Online-Ressource. Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Best practices Microsoft secure software development series Title from title screen. - Includes bibliographical references and index. - Print version record Restrictions unspecified star Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs-the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL-from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization. Discover how to: Use a streamlined risk-analysis process to find security design issues before code is committed Apply secure-coding best practices and a proven testing process Conduct a final security review before a product ships Arm customers with prescriptive guidance to configure and deploy your product more securely Establish a plan to respond to new security vulnerabilities Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum Includes a CD featuring: A six-part security class video conducted by the authors and other Microsoft security experts Sample SDL documents and fuzz testing tool PLUS-Get book updates on the Web. A Note Regarding the CD or DVD The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktechoreilly.com. Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002. Computer software Development Computer security Computer software Reliability Sécurité informatique Logiciels ; Fiabilité COMPUTERS ; Internet ; Security COMPUTERS ; Networking ; Security COMPUTERS ; Security ; General Computer software ; Development Computer software ; Reliability Lipner, Steve MitwirkendeR ctb
spellingShingle	Howard, Michael 1965- The security development lifecycle SDL, a process for developing demonstrably more secure software Computer software Development Computer security Computer software Reliability Sécurité informatique Logiciels ; Fiabilité COMPUTERS ; Internet ; Security COMPUTERS ; Networking ; Security COMPUTERS ; Security ; General Computer software ; Development Computer software ; Reliability
title	The security development lifecycle SDL, a process for developing demonstrably more secure software
title_alt	SDL, a process for developing demonstrably more secure software
title_auth	The security development lifecycle SDL, a process for developing demonstrably more secure software
title_exact_search	The security development lifecycle SDL, a process for developing demonstrably more secure software
title_full	The security development lifecycle SDL, a process for developing demonstrably more secure software Michael Howard, Steve Lipner
title_fullStr	The security development lifecycle SDL, a process for developing demonstrably more secure software Michael Howard, Steve Lipner
title_full_unstemmed	The security development lifecycle SDL, a process for developing demonstrably more secure software Michael Howard, Steve Lipner
title_short	The security development lifecycle
title_sort	security development lifecycle sdl a process for developing demonstrably more secure software
title_sub	SDL, a process for developing demonstrably more secure software
topic	Computer software Development Computer security Computer software Reliability Sécurité informatique Logiciels ; Fiabilité COMPUTERS ; Internet ; Security COMPUTERS ; Networking ; Security COMPUTERS ; Security ; General Computer software ; Development Computer software ; Reliability
topic_facet	Computer software Development Computer security Computer software Reliability Sécurité informatique Logiciels ; Fiabilité COMPUTERS ; Internet ; Security COMPUTERS ; Networking ; Security COMPUTERS ; Security ; General Computer software ; Development Computer software ; Reliability
work_keys_str_mv	AT howardmichael thesecuritydevelopmentlifecyclesdlaprocessfordevelopingdemonstrablymoresecuresoftware AT lipnersteve thesecuritydevelopmentlifecyclesdlaprocessfordevelopingdemonstrablymoresecuresoftware AT howardmichael sdlaprocessfordevelopingdemonstrablymoresecuresoftware AT lipnersteve sdlaprocessfordevelopingdemonstrablymoresecuresoftware AT howardmichael securitydevelopmentlifecyclesdlaprocessfordevelopingdemonstrablymoresecuresoftware AT lipnersteve securitydevelopmentlifecyclesdlaprocessfordevelopingdemonstrablymoresecuresoftware

Verfügbarkeit

‌

Online lesen