Application threat modeling : process for attack simulation and threat analysis / / Tony UcedaVelez, Marco M. Morana |
Autore | Uceda Vélez Tony <1976-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] |
Descrizione fisica | 1 online resource (693 p.) |
Disciplina | 658.4038 |
Soggetto topico |
Management information systems - Security measures
Computer security |
ISBN |
1-118-98835-3
1-118-98837-X |
Classificazione | POL037000 |
Formato | Materiale a stampa |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Cover; Title Page; Copyright; Dedication; Contents; Foreword; Preface; List of Figures; List of Tables; Chapter 1 Threat Modeling Overview; Definitions; Origins and Use; Summary; Rationale and Evolution of Security Analysis; Summary; Building A Better Risk Model; Summary; Threat Anatomy; Summary; Crowdsourcing Risk Analytics; Chapter 2 Objectives and Benefits of Threat Modeling; Defining a Risk Mitigation Strategy; Improving Application Security; Building Security in the Software Development Life Cycle; Identifying Application Vulnerabilities and Design Flaws
Analyzing Application Security RisksChapter 3 Existing Threat Modeling Approaches; Security, Software, Risk-Based Variants; Chapter 4 Threat Modeling Within the SDLC; Building Security in SDLC with Threat Modeling; Integrating Threat Modeling Within The Different Types of SDLCs; Chapter 5 Threat Modeling and Risk Management; Data Breach Incidents and Lessons for Risk Management; Threats and Risk Analysis; Risk-Based Threat Modeling; Threat Modeling in Information Security and Risk Management Processes; Threat Modeling Within Security Incident Response Processes; Chapter 6 Intro to PASTA Risk-Centric Threat ModelingChapter 7 Diving Deeper into PASTA; Exploring the Seven Stages and Embedded Threat Modeling Activities; Chapter Summary; Chapter 8 PASTA Use Case; PASTA Use Case Example Walk-Through; Glossary; References; Index; EULA |
Record Nr. | UNINA-9910140643603321 |
Uceda Vélez Tony <1976-> | ||
Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] | ||
Materiale a stampa | ||
Lo trovi qui: Univ. Federico II | ||
|
Application threat modeling : process for attack simulation and threat analysis / / Tony UcedaVelez, Marco M. Morana |
Autore | Uceda Vélez Tony <1976-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] |
Descrizione fisica | 1 online resource (693 p.) |
Disciplina | 658.4038 |
Soggetto topico |
Management information systems - Security measures
Computer security |
ISBN |
1-118-98835-3
1-118-98837-X |
Classificazione | POL037000 |
Formato | Materiale a stampa |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Cover; Title Page; Copyright; Dedication; Contents; Foreword; Preface; List of Figures; List of Tables; Chapter 1 Threat Modeling Overview; Definitions; Origins and Use; Summary; Rationale and Evolution of Security Analysis; Summary; Building A Better Risk Model; Summary; Threat Anatomy; Summary; Crowdsourcing Risk Analytics; Chapter 2 Objectives and Benefits of Threat Modeling; Defining a Risk Mitigation Strategy; Improving Application Security; Building Security in the Software Development Life Cycle; Identifying Application Vulnerabilities and Design Flaws
Analyzing Application Security RisksChapter 3 Existing Threat Modeling Approaches; Security, Software, Risk-Based Variants; Chapter 4 Threat Modeling Within the SDLC; Building Security in SDLC with Threat Modeling; Integrating Threat Modeling Within The Different Types of SDLCs; Chapter 5 Threat Modeling and Risk Management; Data Breach Incidents and Lessons for Risk Management; Threats and Risk Analysis; Risk-Based Threat Modeling; Threat Modeling in Information Security and Risk Management Processes; Threat Modeling Within Security Incident Response Processes; Chapter 6 Intro to PASTA Risk-Centric Threat ModelingChapter 7 Diving Deeper into PASTA; Exploring the Seven Stages and Embedded Threat Modeling Activities; Chapter Summary; Chapter 8 PASTA Use Case; PASTA Use Case Example Walk-Through; Glossary; References; Index; EULA |
Record Nr. | UNINA-9910830690103321 |
Uceda Vélez Tony <1976-> | ||
Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] | ||
Materiale a stampa | ||
Lo trovi qui: Univ. Federico II | ||
|
Industrial security : managing security in the 21st century / / David L. Russell, Pieter Arlow |
Autore | Russell David L. <1942-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : Wiley, , 2015 |
Descrizione fisica | 1 online resource (221 p.) |
Disciplina | 658.4/73 |
Soggetto topico |
Industries - Security measures
Industrial safety Risk management Security systems Terrorism - Prevention |
ISBN |
1-119-02842-6
1-119-02843-4 1-119-02840-X |
Classificazione | POL037000 |
Formato | Materiale a stampa |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Title Page; Copyright Page; Contents; Chapter 1 Introduction to Security Risk Assessment and Management; Introduction; Business Definition; Security Versus Risk; Framework for Risk Management; Value at Risk; Calculation of Risk; Risk Assessment Versus Risk Management; Risk Management Plans; Threat Scenarios; Statistics and Mathematics; Pairing Vulnerability and Threat Data; Setting Priorities; Other Definitions of Risk Assessment; Business Definition for Risk Assessment; Broad Definition for Risk Assessment; Quantitative Risk Assessment; Qualitative Risk Assessment; Threats; Vulnerabilities
Countermeasures for VulnerabilitiesThe D's of security systems; Sample Threat Scenario No. 1; Background; Sample Threat Scenario No. 2; Background; Notes; Chapter 2 Risk Assessment Basics; Street Calculus and Perceived Risk; Street Calculus; Security Risk Assessment Structure; Value at Risk; Sandia Laboratory's Risk Assessment Analysis; Annualized Cost Analysis of Risk; Scenario-driven Cost Risk Analysis; Real-world example; Model-Based Risk Analysis; MBRA example case; Risk Management by Fault Tree Methods and Risk-informed Decision Management; Fault tree analysis; RIDM; Notes Chapter 3 Assessing Types of Attacks and Threats with Data SourcesWeapons; AK-47; M16; Sniper rifles; Muzzle Energies for Various Cartridges; Rifle Grenades; Rocket-Propelled Grenades and Mortars; Explosive Energies; Impact of explosives; Other Types of Incidents and Accidents; Notes; Chapter 4 Evaluating a Company's Protective Systems; Surveys and Assessments; Site Security Assessments; Checklists; Cyber security checklist; Lighting; Perimeter Barriers: Design Notes and Comments; CCTV; Windows and Doors; Notes; Chapter 5 Port Security; Ranking Threats; Natural threats Man-made/accidental threatsIntentional acts-delivery vectors; Weapon threats; Levels of Port Security; Security response plans; Recommended procedures; Identification Procedures for Personnel Screening; Employees; Vendors/contractors/vessel pilots; Truck drivers/passengers; Visitors (all personnel not falling into other categories); Government employees; Vessel personnel access through a facility; Search requirements; Acceptable identification; Access control; Vessel Arrival and Security Procedures While Moored; Internal Security; Vehicle control; Rail security; Key/ID/access card control Computer securitySecurity rounds; Perimeter Security and Restricted Areas; Barriers; Fencing; Lighting; Security Alarms/Video Surveillance/Communications Systems; Alarms; Video surveillance; Communications systems; Training and Security Awareness; Floating Barriers; Notes; Chapter 6 Basics of Cyber security; Communications Life Cycle; Some Solutions to the Problem of Cyber crime; General recommendations; Communications Security; Communications as Transactions; Telephone System Security; Radio Communications; Digital Communications; Cyber security; Vulnerability assessment Unknowns and alternatives |
Record Nr. | UNINA-9910131335803321 |
Russell David L. <1942-> | ||
Hoboken, New Jersey : , : Wiley, , 2015 | ||
Materiale a stampa | ||
Lo trovi qui: Univ. Federico II | ||
|
Industrial security : managing security in the 21st century / / David L. Russell, Pieter Arlow |
Autore | Russell David L. <1942-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : Wiley, , 2015 |
Descrizione fisica | 1 online resource (221 p.) |
Disciplina | 658.4/73 |
Soggetto topico |
Industries - Security measures
Industrial safety Risk management Security systems Terrorism - Prevention |
ISBN |
1-119-02842-6
1-119-02843-4 1-119-02840-X |
Classificazione | POL037000 |
Formato | Materiale a stampa |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Title Page; Copyright Page; Contents; Chapter 1 Introduction to Security Risk Assessment and Management; Introduction; Business Definition; Security Versus Risk; Framework for Risk Management; Value at Risk; Calculation of Risk; Risk Assessment Versus Risk Management; Risk Management Plans; Threat Scenarios; Statistics and Mathematics; Pairing Vulnerability and Threat Data; Setting Priorities; Other Definitions of Risk Assessment; Business Definition for Risk Assessment; Broad Definition for Risk Assessment; Quantitative Risk Assessment; Qualitative Risk Assessment; Threats; Vulnerabilities
Countermeasures for VulnerabilitiesThe D's of security systems; Sample Threat Scenario No. 1; Background; Sample Threat Scenario No. 2; Background; Notes; Chapter 2 Risk Assessment Basics; Street Calculus and Perceived Risk; Street Calculus; Security Risk Assessment Structure; Value at Risk; Sandia Laboratory's Risk Assessment Analysis; Annualized Cost Analysis of Risk; Scenario-driven Cost Risk Analysis; Real-world example; Model-Based Risk Analysis; MBRA example case; Risk Management by Fault Tree Methods and Risk-informed Decision Management; Fault tree analysis; RIDM; Notes Chapter 3 Assessing Types of Attacks and Threats with Data SourcesWeapons; AK-47; M16; Sniper rifles; Muzzle Energies for Various Cartridges; Rifle Grenades; Rocket-Propelled Grenades and Mortars; Explosive Energies; Impact of explosives; Other Types of Incidents and Accidents; Notes; Chapter 4 Evaluating a Company's Protective Systems; Surveys and Assessments; Site Security Assessments; Checklists; Cyber security checklist; Lighting; Perimeter Barriers: Design Notes and Comments; CCTV; Windows and Doors; Notes; Chapter 5 Port Security; Ranking Threats; Natural threats Man-made/accidental threatsIntentional acts-delivery vectors; Weapon threats; Levels of Port Security; Security response plans; Recommended procedures; Identification Procedures for Personnel Screening; Employees; Vendors/contractors/vessel pilots; Truck drivers/passengers; Visitors (all personnel not falling into other categories); Government employees; Vessel personnel access through a facility; Search requirements; Acceptable identification; Access control; Vessel Arrival and Security Procedures While Moored; Internal Security; Vehicle control; Rail security; Key/ID/access card control Computer securitySecurity rounds; Perimeter Security and Restricted Areas; Barriers; Fencing; Lighting; Security Alarms/Video Surveillance/Communications Systems; Alarms; Video surveillance; Communications systems; Training and Security Awareness; Floating Barriers; Notes; Chapter 6 Basics of Cyber security; Communications Life Cycle; Some Solutions to the Problem of Cyber crime; General recommendations; Communications Security; Communications as Transactions; Telephone System Security; Radio Communications; Digital Communications; Cyber security; Vulnerability assessment Unknowns and alternatives |
Record Nr. | UNINA-9910819583803321 |
Russell David L. <1942-> | ||
Hoboken, New Jersey : , : Wiley, , 2015 | ||
Materiale a stampa | ||
Lo trovi qui: Univ. Federico II | ||
|