Application threat modeling : process for attack simulation and threat analysis / / Tony UcedaVelez, Marco M. Morana |
Autore | Uceda Vélez Tony <1976-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] |
Descrizione fisica | 1 online resource (693 p.) |
Disciplina | 658.4038 |
Soggetto topico |
Management information systems - Security measures
Computer security |
ISBN |
1-118-98835-3
1-118-98837-X |
Classificazione | POL037000 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Cover; Title Page; Copyright; Dedication; Contents; Foreword; Preface; List of Figures; List of Tables; Chapter 1 Threat Modeling Overview; Definitions; Origins and Use; Summary; Rationale and Evolution of Security Analysis; Summary; Building A Better Risk Model; Summary; Threat Anatomy; Summary; Crowdsourcing Risk Analytics; Chapter 2 Objectives and Benefits of Threat Modeling; Defining a Risk Mitigation Strategy; Improving Application Security; Building Security in the Software Development Life Cycle; Identifying Application Vulnerabilities and Design Flaws
Analyzing Application Security RisksChapter 3 Existing Threat Modeling Approaches; Security, Software, Risk-Based Variants; Chapter 4 Threat Modeling Within the SDLC; Building Security in SDLC with Threat Modeling; Integrating Threat Modeling Within The Different Types of SDLCs; Chapter 5 Threat Modeling and Risk Management; Data Breach Incidents and Lessons for Risk Management; Threats and Risk Analysis; Risk-Based Threat Modeling; Threat Modeling in Information Security and Risk Management Processes; Threat Modeling Within Security Incident Response Processes; Chapter 6 Intro to PASTA Risk-Centric Threat ModelingChapter 7 Diving Deeper into PASTA; Exploring the Seven Stages and Embedded Threat Modeling Activities; Chapter Summary; Chapter 8 PASTA Use Case; PASTA Use Case Example Walk-Through; Glossary; References; Index; EULA |
Record Nr. | UNINA-9910140643603321 |
Uceda Vélez Tony <1976->
![]() |
||
Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Application threat modeling : process for attack simulation and threat analysis / / Tony UcedaVelez, Marco M. Morana |
Autore | Uceda Vélez Tony <1976-> |
Edizione | [1st edition] |
Pubbl/distr/stampa | Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] |
Descrizione fisica | 1 online resource (693 p.) |
Disciplina | 658.4038 |
Soggetto topico |
Management information systems - Security measures
Computer security |
ISBN |
1-118-98835-3
1-118-98837-X |
Classificazione | POL037000 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Cover; Title Page; Copyright; Dedication; Contents; Foreword; Preface; List of Figures; List of Tables; Chapter 1 Threat Modeling Overview; Definitions; Origins and Use; Summary; Rationale and Evolution of Security Analysis; Summary; Building A Better Risk Model; Summary; Threat Anatomy; Summary; Crowdsourcing Risk Analytics; Chapter 2 Objectives and Benefits of Threat Modeling; Defining a Risk Mitigation Strategy; Improving Application Security; Building Security in the Software Development Life Cycle; Identifying Application Vulnerabilities and Design Flaws
Analyzing Application Security RisksChapter 3 Existing Threat Modeling Approaches; Security, Software, Risk-Based Variants; Chapter 4 Threat Modeling Within the SDLC; Building Security in SDLC with Threat Modeling; Integrating Threat Modeling Within The Different Types of SDLCs; Chapter 5 Threat Modeling and Risk Management; Data Breach Incidents and Lessons for Risk Management; Threats and Risk Analysis; Risk-Based Threat Modeling; Threat Modeling in Information Security and Risk Management Processes; Threat Modeling Within Security Incident Response Processes; Chapter 6 Intro to PASTA Risk-Centric Threat ModelingChapter 7 Diving Deeper into PASTA; Exploring the Seven Stages and Embedded Threat Modeling Activities; Chapter Summary; Chapter 8 PASTA Use Case; PASTA Use Case Example Walk-Through; Glossary; References; Index; EULA |
Record Nr. | UNINA-9910830690103321 |
Uceda Vélez Tony <1976->
![]() |
||
Hoboken, New Jersey : , : John Wiley & Sons, Inc., , [2015] | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Business continuity and disaster recovery planning for IT professionals / / Susan Snedaker, Chris Rima |
Autore | Snedaker Susan |
Edizione | [Second edition.] |
Pubbl/distr/stampa | Waltham, MA : , : Syngress, , [2014] |
Descrizione fisica | 1 online resource (602 p.) |
Disciplina | 658.4/78 |
Altri autori (Persone) | RimaChris |
Soggetto topico |
Business - Data processing - Security measures
Electronic data processing departments - Security measures Crisis management Computer networks - Security measures Management information systems - Security measures |
Soggetto genere / forma | Electronic books. |
ISBN | 0-12-411451-2 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto | Machine generated contents note: Chapter 1: Business Continuity & Disaster Recovery Overview Chapter 2: Legal and Regulatory Environment Chapter 3: Project Initiation Chapter 4: Risk Assessment Chapter 5: Business Impact Assessment Chapter 6: Risk Mitigation Chapter 7: BC/DR Plan Development Chapter 8: Emergency Response and Recovery Chapter 9: Training, Testing & Auditing Results Chapter 10: BC/DR Plan Maintenance Case Study A: Utilities Case Study B: Healthcare Case Study C: Financial Case Study D: Small/Medium Business Glossary Checklists Resources. |
Record Nr. | UNINA-9910459144003321 |
Snedaker Susan
![]() |
||
Waltham, MA : , : Syngress, , [2014] | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Business continuity and disaster recovery planning for IT professionals / / Susan Snedaker, Chris Rima |
Autore | Snedaker Susan |
Edizione | [Second edition.] |
Pubbl/distr/stampa | Waltham, MA : , : Syngress, , 2014 |
Descrizione fisica | 1 online resource (xxiii, 577 pages) : illustrations |
Disciplina | 658.4/78 |
Collana | Gale eBooks |
Soggetto topico |
Business - Data processing - Security measures
Electronic data processing departments - Security measures Crisis management Computer networks - Security measures Management information systems - Security measures |
ISBN | 0-12-411451-2 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto | Machine generated contents note: Chapter 1: Business Continuity & Disaster Recovery Overview Chapter 2: Legal and Regulatory Environment Chapter 3: Project Initiation Chapter 4: Risk Assessment Chapter 5: Business Impact Assessment Chapter 6: Risk Mitigation Chapter 7: BC/DR Plan Development Chapter 8: Emergency Response and Recovery Chapter 9: Training, Testing & Auditing Results Chapter 10: BC/DR Plan Maintenance Case Study A: Utilities Case Study B: Healthcare Case Study C: Financial Case Study D: Small/Medium Business Glossary Checklists Resources. |
Record Nr. | UNINA-9910792484303321 |
Snedaker Susan
![]() |
||
Waltham, MA : , : Syngress, , 2014 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Business continuity and disaster recovery planning for IT professionals / / Susan Snedaker, Chris Rima |
Autore | Snedaker Susan |
Edizione | [Second edition.] |
Pubbl/distr/stampa | Waltham, MA : , : Syngress, , 2014 |
Descrizione fisica | 1 online resource (xxiii, 577 pages) : illustrations |
Disciplina | 658.4/78 |
Collana | Gale eBooks |
Soggetto topico |
Business - Data processing - Security measures
Electronic data processing departments - Security measures Crisis management Computer networks - Security measures Management information systems - Security measures |
ISBN | 0-12-411451-2 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto | Machine generated contents note: Chapter 1: Business Continuity & Disaster Recovery Overview Chapter 2: Legal and Regulatory Environment Chapter 3: Project Initiation Chapter 4: Risk Assessment Chapter 5: Business Impact Assessment Chapter 6: Risk Mitigation Chapter 7: BC/DR Plan Development Chapter 8: Emergency Response and Recovery Chapter 9: Training, Testing & Auditing Results Chapter 10: BC/DR Plan Maintenance Case Study A: Utilities Case Study B: Healthcare Case Study C: Financial Case Study D: Small/Medium Business Glossary Checklists Resources. |
Record Nr. | UNINA-9910815456903321 |
Snedaker Susan
![]() |
||
Waltham, MA : , : Syngress, , 2014 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
The CISO evolution : business knowledge for cybersecurity executives / / Matthew K. Sharp, Kyriakos P. Lambros |
Autore | Sharp Matthew K. |
Pubbl/distr/stampa | Hoboken, New Jersey : , : Wiley, , [2022] |
Descrizione fisica | 1 online resource (343 pages) |
Disciplina | 658.4/038011 |
Soggetto topico |
Chief information officers
Computer security Management information systems - Security measures |
ISBN |
1-119-78250-3
1-119-78251-1 1-119-78249-X |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Record Nr. | UNINA-9910555153603321 |
Sharp Matthew K.
![]() |
||
Hoboken, New Jersey : , : Wiley, , [2022] | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
The CISO evolution : business knowledge for cybersecurity executives / / Matthew K. Sharp, Kyriakos P. Lambros |
Autore | Sharp Matthew K. |
Pubbl/distr/stampa | Hoboken, New Jersey : , : Wiley, , [2022] |
Descrizione fisica | 1 online resource (343 pages) |
Disciplina | 658.4/038011 |
Soggetto topico |
Chief information officers
Computer security Management information systems - Security measures |
ISBN |
1-119-78250-3
1-119-78251-1 1-119-78249-X |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto | Intro -- Table of Contents -- Title Page -- Copyright -- Dedication -- Foreword -- Preface -- Acknowledgments -- Introduction -- Part I - Foundational Business Knowledge -- Part II - Communication and Education -- Part III - Cybersecurity Leadership -- PART I: Foundational Business Knowledge -- CHAPTER 1: Financial Principles -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 2: Business Strategy Tools -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 3: Business Decisions -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 4: Value Creation -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 5: Articulating the Business Case -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- PART II: Communication and Education -- CHAPTER 6: Cybersecurity: A Concern of the Business, Not Just IT -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 7: Translating Cyber Risk into Business Risk -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 8: Communication - You Do It Every Day (or Do You?) -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- Part III: Cybersecurity Leadership -- CHAPTER 9: Relationship Management -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 10: Recruiting and Leading High Performing Teams -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 11: Managing Human Capital -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- CHAPTER 12: Negotiation -- Opportunity -- Principle -- Application -- Key Insights -- Notes -- Conclusion -- Index -- End User License Agreement. |
Record Nr. | UNINA-9910830568503321 |
Sharp Matthew K.
![]() |
||
Hoboken, New Jersey : , : Wiley, , [2022] | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Journal of strategic security |
Pubbl/distr/stampa | San Jose, CA, : Henley-Putnam University Press |
Disciplina | 658 |
Soggetto topico |
Information technology - Security measures
Management information systems - Security measures |
Soggetto genere / forma | Periodicals. |
Soggetto non controllato | Management Styles & Communication |
ISSN | 1944-0472 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Periodico |
Lingua di pubblicazione | eng |
Record Nr. | UNISA-996321099303316 |
San Jose, CA, : Henley-Putnam University Press | ||
![]() | ||
Lo trovi qui: Univ. di Salerno | ||
|
Journal of strategic security |
Pubbl/distr/stampa | San Jose, CA, : Henley-Putnam University Press |
Disciplina | 658 |
Soggetto topico |
Information technology - Security measures
Management information systems - Security measures |
Soggetto genere / forma | Periodicals. |
Soggetto non controllato | Management Styles & Communication |
ISSN | 1944-0472 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Periodico |
Lingua di pubblicazione | eng |
Record Nr. | UNINA-9910146254003321 |
San Jose, CA, : Henley-Putnam University Press | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
Security design consulting [[electronic resource] ] : the business of security system design / / Brian Gouin |
Autore | Gouin Brian |
Edizione | [1st edition] |
Pubbl/distr/stampa | Amsterdam ; ; New York, : Butterworth-Heinemann, c2007 |
Descrizione fisica | 1 online resource (350 p.) |
Disciplina | 658.47 |
Soggetto topico |
Industries - Security measures
Business consultants Management information systems - Security measures |
Soggetto genere / forma | Electronic books. |
ISBN |
1-281-00676-9
9786611006761 0-08-049305-X |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
Cover; Copyright page; Table of contents; Foreword; Acknowledgments; Introduction; Chapter 1: The Profession of Security Design Consulting; SECURITY DESIGN CONSULTANTS VERSUS SECURITY MANAGEMENT CONSULTANTS; QUALIFICATIONS OF A SECURITY DESIGN CONSULTANT; WHO SHOULD NOT BECOME, OR WHO IS NOT NOW, A SECURITY DESIGN CONSULTANT; CONSULTING ETHICS; QUALITY; ARE YOU READY?; Chapter 2: How to Get Started; BUSINESS PLANS; DEFINING THE SERVICES THAT WILL BE PROVIDED; BUSINESS NAME; BUSINESS ORGANIZATION; FULL OR PART TIME; START-UP MONEY; OFFICE SPACE; ACCOUNTANTS AND LAWYERS; RECORD KEEPING
INSURANCEOFFICE SUPPLIES; OFFICE EQUIPMENT; REFERENCE MATERIAL; Chapter 3: Marketing; MARKETING PLANS; THE CONSULTANT'S CLIENT; ADVERTISING; COLLABORATIONS/PARTNERING; SHOE LEATHER; TRACKING SALES EFFORTS; PUBLIC SPEAKING; WRITING; Chapter 4: The Proposal; INITIAL CLIENT MEETING; INFORMATION NEEDED FOR THE PROPOSAL; PROPOSAL ELEMENTS; RESPONDING TO AN RFP; RESPONDING TO AN RFQ; FOLLOW-UP; CONTRACTS; Chapter 5: Fees and Billing; HOURLY FEES; MORE ABOUT FEES; FIXED JOB PRICE VERSUS HOURLY; HOW LONG WILL THE PROJECT TAKE?; EXPENSES; FINAL PROJECT COST; BILLING; Chapter 6: Assessment ASSESSMENT SERVICESASSESSMENT TOOLS; INTERVIEWS; OBSERVATIONS; SITE SURVEY; DESIGN CRITERIA; CODE COMPLIANCE; Chapter 7: System Design; BASIC DESIGN GUIDELINES; INTEGRATION OF MULTIPLE PHYSICAL SECURITY COUNTERMEASURES; INTEGRATION OF PHYSICAL SECURITY COUNTERMEASURES WITH PERSONNEL AND POLICIES AND PROCEDURES COUNTERMEASURES; DESIGN CRITERIA; DESIGN DETAILS; REQUEST FOR PROPOSAL VERSUS INVITATION FOR BID; Chapter 8: Determining What Products to Specify; HOW TO OBTAIN PRODUCT AND TECHNICAL KNOWLEDGE; SYSTEM NEEDS: DESIGN CRITERIA AND DETAILS; MATCHING PRODUCT TO NEED CHOOSING THE BEST PRODUCTSChapter 9: Determining Total System Cost; SYSTEM DESIGN COSTS; SYSTEM INSTALLATION COSTS; SYSTEM OPERATION COSTS; MAINTENANCE COSTS; REPLACEMENT COSTS; TOTAL SYSTEM COST; COST/BENEFIT ANALYSIS; BUDGET DISCREPANCIES; Chapter 10: The Report; THE ASSESSMENT REPORT; DESIGN SPECIFICATIONS; Chapter 11: Project Management; ASSIST IN ATTACHING BID DOCUMENTS TO THE DESIGN SPECIFICATIONS; ASSIST IN LOCATING AND INVITING QUALIFIED CONTRACTORS TO BID; LEAD THE PRE-BID CONFERENCE AND WALK-THROUGH; PROVIDE WRITTEN ANSWERS TO QUESTIONS AT PRE-BID WALK-THROUGH APPROVE PRODUCT CHANGESASSIST IN EVALUATION OF BIDS; REVIEW AND APPROVE ALL SUBMITTALS; RESPOND TO ANY CONTRACTORS' REQUESTS FOR INFORMATION; ATTEND CONSTRUCTION MEETINGS; CHECK, REVIEW, AND APPROVE INSTALLATION PROGRESS AND TECHNIQUES; REVIEW AND APPROVE ANY CHANGE ORDERS OR CHANGE IN SCOPE OF WORK; WITNESS SYSTEM TEST WITH CONTRACTOR; REVIEW AND APPROVE TEST REPORT; MAINTAIN PUNCH LIST FOR ANY DEFICIENCIES; REVIEW AND APPROVE AS-BUILT DRAWINGS AND RECORD OF COMPLETION; APPROVE CONTRACTOR PAYMENTS; RESPOND TO OTHER REQUESTS BY CLIENT; Chapter 12: Forensic Consulting; PROS AND CHALLENGES GETTING STARTED |
Record Nr. | UNINA-9910457064203321 |
Gouin Brian
![]() |
||
Amsterdam ; ; New York, : Butterworth-Heinemann, c2007 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|