The Agile/Security Development Life Cycle (A/SDLC): Integrating Security Functionality into the SDLC ~ Second Edition
The Agile/Security Development Life Cycle (A/SDLC): Integrating Security Functionality into the SDLC ~ Second Edition by Mark A Russo CISSP-ISSAP ITILv3
English | January 20, 2019 | ISBN: 1794490574 | 143 pages | AZW3 | 2.79 Mb
English | January 20, 2019 | ISBN: 1794490574 | 143 pages | AZW3 | 2.79 Mb
In this SECOND EDITION of THE AGILE SECURITY DEVELOPMENT LIFE CYCLE (A/SDLC) we expand and include new information to improve the concept of "Agile Cyber." We further discuss the need for a Security Traceability Requirements Matrix (SecRTM) and the need to know where all data elements are located throughout your IT environment to include Cloud storage and repository locations. The author continues his focus upon ongoing shortfalls and failures of "Secure System Development." The author seeks to use his over 25 years in the public and private sector program management and cybersecurity to create a solution. This book provides the first-ever integrated operational-security process to enhance the readers understanding of why systems are so poorly secured. Why we as a nation have missed the mark in cybersecurity? Why nation-states and hackers are successful daily? This book also describes the two major mainstream "agile" NIST frameworks that can be employed, and how to use them effectively under a Risk Management approach. We may be losing "battles, " but may be its time we truly commit to winning the cyber-war.