rent-now

Rent More, Save More! Use code: ECRENTAL

5% off 1 book, 7% off 2 books, 10% off 3+ books

9781718501928

Designing Secure Software A Guide for Developers

by
  • ISBN13:

    9781718501928

  • ISBN10:

    1718501927

  • Format: Paperback
  • Copyright: 2021-12-21
  • Publisher: No Starch Press

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Buyback Icon We Buy This Book Back!
    In-Store Credit: $2.63
    Check/Direct Deposit: $2.50
    PayPal: $2.50
  • Write a Review Icon Write a Review
List Price: $49.99 Save up to $9.50
  • Rent Book $40.49
    Add to Cart Free Shipping Icon Free Shipping

    TERM
    PRICE
    DUE
    USUALLY SHIPS IN 3-5 BUSINESS DAYS
    *This item is part of an exclusive publisher rental program and requires an additional convenience fee. This fee will be reflected in the shopping cart.

How To: Textbook Rental

Looking to rent a book? Rent Designing Secure Software A Guide for Developers [ISBN: 9781718501928] for the semester, quarter, and short term or search our site for other textbooks by Kohnfelder, Loren. Renting a textbook can save you up to 90% from the cost of buying.

Summary

What every software professional should know about security.

Designing Secure Software consolidates Loren Kohnfelder’s more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process.
 
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography. The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
 
You’ll learn how to:

   • Identify important assets, the attack surface, and the trust boundaries in a system
   • Evaluate the effectiveness of various threat mitigation candidates
   • Work with well-known secure coding patterns and libraries
   • Understand and prevent vulnerabilities like XSS and CSRF, memory flaws, and more
   • Use security testing to proactively identify vulnerabilities introduced into code
   • Review a software design for security flaws effectively and without judgment 
 
Kohnfelder’s career, spanning decades at Microsoft and Google, introduced numerous software security initiatives, including the co-creation of the STRIDE threat modeling framework used widely today. This book is a modern, pragmatic consolidation of his best practices, insights, and ideas about the future of software.

Author Biography

Loren Kohnfelder has over 20 years of experience working in the security industry for companies like Microsoft and Google. At Microsoft, he was a key contributor to the industry’s first formalized proactive security process methodology, and program-managed the .NET platform security effort. He was also a key contributor to the first organized approach to security by any major software platform company. At Google he worked as a software engineer on the Security team and as a founding member of the Privacy team, performing numerous security design reviews of large-scale complex real-world commercial platforms and systems, while working on various projects as a developer. Now retired, Kohnfelder shares his unique experience in industry through this book.
 

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program