MARC details
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
090712s2006 waua b 001 0 eng u |
| 010 ## - LIBRARY OF CONGRESS CONTROL NUMBER |
|---|
| LC control number |
2006924466 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9780735622142 |
| 035 ## - SYSTEM CONTROL NUMBER |
|---|
| System control number |
(Sirsi) u2059 |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
EG-CaNU |
| Transcribing agency |
EG-CaNU |
| Modifying agency |
EG-CaNU |
| 042 ## - AUTHENTICATION CODE |
|---|
| Authentication code |
ncode |
| 082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
005.8 |
| Edition number |
22 |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Howard, Michael, |
| Dates associated with a name |
1965- |
| 9 (RLIN) |
3449 |
| 245 14 - TITLE STATEMENT |
|---|
| Title |
The security development lifecycle : |
| Remainder of title |
SDL, a process for developing demonstrably more secure software / |
| Statement of responsibility, etc. |
Michael Howard and Steve Lipner. |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. |
|---|
| Place of publication, distribution, etc. |
Redmond, Wash. : |
| Name of publisher, distributor, etc. |
Microsoft Press, |
| Date of publication, distribution, etc. |
c2006. |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xxii, 320 p. : |
| Other physical details |
ill. ; |
| Dimensions |
23 cm. + |
| Accompanying material |
1 CD-ROM (4 3/4 in.). |
| 490 #0 - SERIES STATEMENT |
|---|
| Series statement |
Secure software development series |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
|---|
| Bibliography, etc. note |
Includes bibliographical references and index. |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Chapter 1: Enough Is Enough: The Threats Have Changed -- Chapter 2: Current Software Development Methods Fail to Produce Secure Software -- Chapter 3: A Short History of the SDL at Microsoft -- Chapter 4: SDL for Management -- Chapter 5: Stage 0: Education and Awareness -- Chapter 6: Stage 1: Project Inception -- Chapter 7: Stage 2: Define and Follow Design Best Practices -- Chapter 8: Stage 3: Product Risk Assessment -- Chapter 9: Stage 4: Risk Analysis -- Chapter 10: Stage 5: Creating Security Documents, Tools, and Best Practices for Customers -- Chapter 11: Stage 6: Secure Coding Policies -- Chapter 12: Stage 7: Secure Testing Policies -- Chapter 13: Stage 8: The Security Push -- Chapter 14: Stage 9: The Final Security Review -- Chapter 15: Stage 10: Security Response Planning -- Chapter 16: Stage 11: Product Release -- Chapter 17: Stage 12: Security Response Execution -- Chapter 18: Integrating SDL with Agile Methods -- Chapter 19: SDL Banned Function Calls -- Chapter 20: SDL Minimum Cryptographic Standards -- Chapter 21: SDL-Required Tools and Compiler Options -- Chapter 22: Threat Tree Patterns. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc. |
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc. |
With expert insights, this introduction to the Security Development Lifecycle (SDL) provides you with a history of the methodology and guides you through each stage of the proven process--from design to release--that helps minimize security defects. The software industry has been struggling with how to create and release software that is more security-enhanced and reliable--the Security Development Lifecycle (SDL) provides a methodology that works. Adapted from Microsoft's standard development process, SDL is a critical way to help reduce the number of security defects in code at every stage of the development process, from design to release. In addition to a brief history of the methodology, this book details each stage of the SDL methodology and discusses its implementation across a range of Microsoft software, including Microsoft Windows ServerTM 2003, Microsoft SQL ServerTM 2000 Service Pack 3, and Microsoft Exchange Server 2003 Service Pack 1, to help measurably improve security features. Coauthored by Michael Howard and Steve Lipner, you get direct access to insights from Microsoft's security team and lessons that are repeatable and applicable to software development processes worldwide, whether on a small-scale or large-scale. This book includes a CD featuring videos of developer training classes. |
| 596 ## - |
|---|
| -- |
1 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer software |
| General subdivision |
Development. |
| 9 (RLIN) |
3450 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer security. |
| 9 (RLIN) |
3451 |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer software |
| General subdivision |
Reliability. |
| 9 (RLIN) |
3452 |
| 700 1# - ADDED ENTRY--PERSONAL NAME |
|---|
| Personal name |
Lipner, Steve. |
| 9 (RLIN) |
3453 |