Um þessa rafbók
Application Security in the ISO 27001:2013 Environment explains how organisations can implement and maintain effective security practices to protect their web applications – and the servers on which they reside – as part of a wider information security management system by following the guidance set out in the international standard for information security management, ISO 27001.
The book describes the methods used by criminal hackers to attack organisations via their web applications and provides a detailed explanation of how you can combat such attacks by employing the guidance and controls set out in ISO 27001.
Product overviewSecond edition, updated to reflect ISO 27001:2013 as well as best practices relating to cryptography, including the PCI SSC’s denigration of SSL in favour of TLS.Provides a full introduction to ISO 27001 and information security management systems, including implementation guidance.Describes risk assessment, management and treatment approaches.Examines common types of web app security attack, including injection attacks, cross-site scripting, and attacks on authentication and session management, explaining how each can compromise ISO 27001 control objectives and showing how to test for each attack type.Discusses the ISO 27001 controls relevant to application security.Lists useful web app security metrics and their relevance to ISO 27001 controls.Provides a four-step approach to threat profiling, and describes application security review and testing approaches.Sets out guidelines and the ISO 27001 controls relevant to them, covering:input validationauthenticationauthorisationsensitive data handling and the use of TLS rather than SSLsession managementerror handling and loggingDescribes the importance of security as part of the web app development process
Einkunnir og umsagnir
5,0
2 umsagnir
Um höfundinn
Vinod Vasudevan, CISSP, is the chief technology officer (CTO) at Paladion. Before co-founding Paladion, Vinod worked with Microsoft. He wrote the chapter ‘Application Security and ISO27001’.
Gefa þessari rafbók einkunn.
Segðu okkur hvað þér finnst.
Upplýsingar um lestur
Snjallsímar og spjaldtölvur
Settu upp forritið Google Play Books fyrir Android og iPad/iPhone. Það samstillist sjálfkrafa við reikninginn þinn og gerir þér kleift að lesa með eða án nettengingar hvar sem þú ert.
Fartölvur og tölvur
Hægt er að hlusta á hljóðbækur sem keyptar eru í Google Play í vafranum í tölvunni.
Lesbretti og önnur tæki
Til að lesa af lesbrettum eins og Kobo-lesbrettum þarftu að hlaða niður skrá og flytja hana yfir í tækið þitt. Fylgdu nákvæmum leiðbeiningum hjálparmiðstöðvar til að flytja skrár yfir í studd lesbretti.
