Threat Modeling: Designing for Security

4.01 avg rating
( 95 ratings by Goodreads )
)  
9781118809990: Threat Modeling: Designing for Security
View all copies of this ISBN edition:
 
 

The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.

Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.

  • Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs
  • Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric
  • Provides effective approaches and techniques that have been proven at Microsoft and elsewhere
  • Offers actionable how-to advice not tied to any specific software, operating system, or programming language
  • Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world

As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

"synopsis" may belong to another edition of this title.

From the Back Cover:

use threat modeling to enhance software security

If you're a software developer, systems manager, or security professional, this book will show you how to use threat modeling in the security development lifecycle and in the overall software and systems design processes. Author and security expert Adam Shostack puts his considerable expertise to work in this book that, unlike any other, details the process of building improved security into the design of software, computer services, and systems — from the very beginning.

  • Find and fix security issues before they hurt you or your customers
  • Learn to use practical and actionable tools, techniques, and approaches for software developers, IT professionals, and security enthusiasts
  • Explore the nuances of software-centric threat modeling and discover its application to software and systems during the build phase and beyond
  • Apply threat modeling to improve security when managing complex systems
  • Manage potential threats using a structured, methodical framework
  • Discover and discern evolving security threats
  • Use specific, actionable advice regardless of software type, operating system, or program approaches and techniques validated and proven to be effective at Microsoft and other top IT companies

About the Author:

Adam Shostack is a principal program manager on Microsoft's Trustworthy Computing team. He helped found the CVE \, the Privacy Enhancing Technologies Symposium, and the International Financial Cryptography Association His experience shipping products (at both Microsoft and tiny startups) and managing operational security ensures the advice in this book is grounded in real experience.

"About this title" may belong to another edition of this title.

Other Popular Editions of the Same Title

9788126548651: Threat Modeling: Designing for Security

Featured Edition

ISBN 10:  8126548657 ISBN 13:  9788126548651
Publisher: Wiley India, 2014
Softcover

Top Search Results from the AbeBooks Marketplace

1.

Shostack, Adam
Published by Wiley (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback Quantity Available: 20
Seller:
booksXpress
(Freehold, NJ, U.S.A.)

Book Description Wiley, 2014. Paperback. Condition: new. Seller Inventory # 9781118809990

More information about this seller | Contact this seller

Buy New
US$ 56.40
Convert currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, rates & speeds

2.

Adam Shostack (author)
Published by Wiley 2014-04-25, Indianapolis, IN (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New paperback Quantity Available: > 20
Seller:
Blackwell's
(Oxford, OX, United Kingdom)

Book Description Wiley 2014-04-25, Indianapolis, IN, 2014. paperback. Condition: New. Seller Inventory # 9781118809990

More information about this seller | Contact this seller

Buy New
US$ 50.69
Convert currency

Add to Basket

Shipping: US$ 6.30
From United Kingdom to U.S.A.
Destination, rates & speeds

3.

Shostack, Adam
Published by Wiley (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback First Edition Quantity Available: 3
Seller:
Textbooks_Source
(Columbia, MO, U.S.A.)

Book Description Wiley, 2014. Paperback. Condition: New. 1st Edition. Ships in a BOX from Central Missouri! Ships same or next business day. UPS shipping for most packages, (Priority Mail for AK/HI/APO/PO Boxes). Seller Inventory # 001531659N

More information about this seller | Contact this seller

Buy New
US$ 53.51
Convert currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, rates & speeds

4.

Adam Shostack
Published by John Wiley & Sons Inc, United States (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback Quantity Available: 1
Seller:
Book Depository International
(London, United Kingdom)

Book Description John Wiley & Sons Inc, United States, 2014. Paperback. Condition: New. Language: English. Brand new Book. The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography! Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.* Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs * Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric * Provides effective approaches and techniques that have been proven at Microsoft and elsewhere * Offers actionable how-to advice not tied to any specific software, operating system, or programming language * Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security. Seller Inventory # AAZ9781118809990

More information about this seller | Contact this seller

Buy New
US$ 58.43
Convert currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, rates & speeds

5.

Shostack, Adam
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Quantity Available: 5
Seller:
GreatBookPricesUK
(Castle Donington, DERBY, United Kingdom)

Book Description Condition: New. Seller Inventory # 19774637-n

More information about this seller | Contact this seller

Buy New
US$ 47.28
Convert currency

Add to Basket

Shipping: US$ 18.93
From United Kingdom to U.S.A.
Destination, rates & speeds

6.

Adam Shostack
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback First Edition Quantity Available: 1
Seller:
Grand Eagle Retail
(Wilmington, DE, U.S.A.)

Book Description 2014. Paperback. Condition: New. 1st. Paperback. The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is res.Shipping may be from multiple locations in the US or from the UK, depending on stock availability. 590 pages. 1.100. Seller Inventory # 9781118809990

More information about this seller | Contact this seller

Buy New
US$ 67.96
Convert currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, rates & speeds

7.

Shostack, Adam
Published by John Wiley and#38; Sons (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Quantity Available: > 20
Seller:
Books2Anywhere
(Fairford, GLOS, United Kingdom)

Book Description John Wiley and#38; Sons, 2014. PAP. Condition: New. New Book. Shipped from UK. Established seller since 2000. Seller Inventory # FW-9781118809990

More information about this seller | Contact this seller

Buy New
US$ 49.87
Convert currency

Add to Basket

Shipping: US$ 18.93
From United Kingdom to U.S.A.
Destination, rates & speeds

8.

Adam Shostack
Published by Wiley 2014-02-07 (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback Quantity Available: 3
Seller:
Chiron Media
(Wallingford, United Kingdom)

Book Description Wiley 2014-02-07, 2014. Paperback. Condition: New. Seller Inventory # 6666-GRD-9781118809990

More information about this seller | Contact this seller

Buy New
US$ 57.58
Convert currency

Add to Basket

Shipping: US$ 18.11
From United Kingdom to U.S.A.
Destination, rates & speeds

9.

Adam Shostack
Published by Wiley 2014-02-07 (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback Quantity Available: > 20
Seller:
Chiron Media
(Wallingford, United Kingdom)

Book Description Wiley 2014-02-07, 2014. Paperback. Condition: New. Seller Inventory # 6666-WLY-9781118809990

More information about this seller | Contact this seller

Buy New
US$ 61.86
Convert currency

Add to Basket

Shipping: US$ 18.11
From United Kingdom to U.S.A.
Destination, rates & speeds

10.

Adam Shostack
Published by John Wiley & Sons Inc, United States (2014)
ISBN 10: 1118809998 ISBN 13: 9781118809990
New Paperback Quantity Available: 10
Seller:
Book Depository hard to find
(London, United Kingdom)

Book Description John Wiley & Sons Inc, United States, 2014. Paperback. Condition: New. Language: English. Brand new Book. The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography! Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.* Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs * Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric * Provides effective approaches and techniques that have been proven at Microsoft and elsewhere * Offers actionable how-to advice not tied to any specific software, operating system, or programming language * Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security. Seller Inventory # BZV9781118809990

More information about this seller | Contact this seller

Buy New
US$ 80.29
Convert currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, rates & speeds

There are more copies of this book

View all search results for this book