03454nam 2200649 450 991014064360332120220307133806.01-118-98835-31-118-98837-X(CKB)2670000000616822(EBL)1895868(OCoLC)904400187(SSID)ssj0001482780(PQKBManifestationID)12496514(PQKBTitleCode)TC0001482780(PQKBWorkID)11412439(PQKB)11375067(MiAaPQ)EBC1895868(DLC) 2015008691(CaSebORM)9780470500965(MiAaPQ)EBC4653001(Au-PeEL)EBL4653001(EXLCZ)99267000000061682220220307d2015 uy 0engur|n|---|||||txtccrApplication threat modeling process for attack simulation and threat analysis /Tony UcedaVelez, Marco M. Morana1st editionHoboken, New Jersey :John Wiley & Sons, Inc.,[2015]©20151 online resource (693 p.)Description based upon print version of record.1-118-98836-1 0-470-50096-4 Includes bibliographical references and index.Cover; Title Page; Copyright; Dedication; Contents; Foreword; Preface; List of Figures; List of Tables; Chapter 1 Threat Modeling Overview; Definitions; Origins and Use; Summary; Rationale and Evolution of Security Analysis; Summary; Building A Better Risk Model; Summary; Threat Anatomy; Summary; Crowdsourcing Risk Analytics; Chapter 2 Objectives and Benefits of Threat Modeling; Defining a Risk Mitigation Strategy; Improving Application Security; Building Security in the Software Development Life Cycle; Identifying Application Vulnerabilities and Design FlawsAnalyzing Application Security RisksChapter 3 Existing Threat Modeling Approaches; Security, Software, Risk-Based Variants; Chapter 4 Threat Modeling Within the SDLC; Building Security in SDLC with Threat Modeling; Integrating Threat Modeling Within The Different Types of SDLCs; Chapter 5 Threat Modeling and Risk Management; Data Breach Incidents and Lessons for Risk Management; Threats and Risk Analysis; Risk-Based Threat Modeling; Threat Modeling in Information Security and Risk Management Processes; Threat Modeling Within Security Incident Response Processes; Chapter 6 Intro to PASTARisk-Centric Threat ModelingChapter 7 Diving Deeper into PASTA; Exploring the Seven Stages and Embedded Threat Modeling Activities; Chapter Summary; Chapter 8 PASTA Use Case; PASTA Use Case Example Walk-Through; Glossary; References; Index; EULA"This book describes how to apply application threat modeling as an advanced preventive form of security"--Provided by publisher.Management information systemsSecurity measuresComputer securityManagement information systemsSecurity measures.Computer security.658.4038POL037000bisacshUceda Vélez Tony1976-970550Morana Marco M.MiAaPQMiAaPQMiAaPQBOOK9910140643603321Application threat modeling2804075UNINA02847aam 2200637 a 450 99620245980331620230828225627.0(CKB)111026746735170(MH)002628291-7(SSID)ssj0000451484(PQKBManifestationID)12147302(PQKBTitleCode)TC0000451484(PQKBWorkID)10462847(PQKB)11616409(EXLCZ)9911102674673517019910906d1991 uy 0engtxtccrComputers, freedom & privacy a comprehensive, edited transcript of the First Conference on Computers, Freedom & Privacy, held March 26-28, 1991 in Burlingame, California /Jim Warren, Jay Thorwaldson & Bruce Koball, editors ; sponsored by Computer Professionals for Social Responsibility ; co-sponsors & cooperating organizations, the Institute of Electrical and Electronics Engineers, Inc. ... [et al.] ; conference chair, Jim WarrenLos Alamitos, Calif. IEEE Computer Society Pressc19911 online resource (xii, 230 p. )Cover title: Proceedings, the First Conference on Computers, Freedom & Privacy."IEEE Computer Society Press order number 2565"--Verso t.p.Includes index.0-8186-2565-1 ComputersLaw and legislationUnited StatesCongressesPrivacy, Right ofUnited StatesCongressesFreedom of informationUnited StatesCongressesGovernment informationUnited StatesCongressesData protectionUnited StatesCongressesData protectionLaw and legislationUnited StatesCongressesConference proceedings.fastComputersLaw and legislationPrivacy, Right ofFreedom of informationGovernment informationData protectionData protectionLaw and legislation342.73/0858347.302858Warren Jim C.Jr.,1936-1062560Warren Jim C.Jr.,1936-1062560Thorwaldson Jay1062561Koball Bruce1062562Computer Professionals for Social Responsibility.Institute of Electrical and Electronics Engineers.DLCDLCMH-LBOOK996202459803316Computers, freedom & privacy2526574UNISAThis Record contains information from the Harvard Library Bibliographic Dataset, which is provided by the Harvard Library under its Bibliographic Dataset Use Terms and includes data made available by, among others the Library of Congress