Threat Modeling: Designing for Security (Record no. 59891)

MARC details
000 -LEADER
fixed length control field 01957nam a2200193 a 4500
001 - CONTROL NUMBER
control field 59891
005 - DATE AND TIME OF LATEST TRANSACTION
control field 20260219124033.0
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 9781118809990
040 ## - CATALOGING SOURCE
Original cataloging agency AIS
Modifying agency AIS
082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER
Classification number 005.8
100 ## - MAIN ENTRY--PERSONAL NAME
Personal name Adam Shostack
245 ## - TITLE STATEMENT
Title Threat Modeling: Designing for Security
260 ## - PUBLICATION, DISTRIBUTION, ETC.
Place of publication, distribution, etc. Indianapolis, IN
Name of publisher, distributor, etc. Wiley
Date of publication, distribution, etc. 2014
520 ## - SUMMARY, ETC.
Summary, etc. The book is chock-full of specific and actionable advice, without being tied to specific software, operating systems or languages. For security professionals, the book provides the easiest way to adopt a structured approach to threat modeling. This approach is being promoted by Microsoft, and the book will provide the easiest way to understand the changing threats and threat landscape. The book is up-to-date and covers all of the methods of threat modeling. For software developers, threat modeling is big and scary and hard to get your arms around. But as more software is delivered on the Internet, or operates on Internet connected computers, as attackers move after money, developers can no longer afford to view software security as an afterthought or as a matter of features. This book provides a jargon-free and accessible introduction to this important skill. For systems managers with security responsibilities, this book provides tools and a framework for structured thinking about what goes wrong. By threat modeling, they can break away from a technology centered way of threat modeling and instead focus on threats and effective operational countermeasures.The book begings with learning how to threat model, threat modeling approaches such as asset centric, attacker centric and sofware centric, then on to specifics such as threats to cryptosystems and finally moves on to more advanced areas with many examples to follow and emulate such as 3-tier web app, phone app, validation and cargo cutting.
655 ## - INDEX TERM--GENRE/FORM
Genre/form data or focus term Nonfiction
655 ## - INDEX TERM--GENRE/FORM
Genre/form data or focus term Science
655 ## - INDEX TERM--GENRE/FORM
Genre/form data or focus term Programming
655 ## - INDEX TERM--GENRE/FORM
Genre/form data or focus term Computer Science
Holdings
Withdrawn status Lost status Source of classification or shelving scheme Damaged status Not for loan Collection Home library Current library Shelving location Date acquired Total checkouts Full call number Barcode Date last seen Copy number Price effective from Koha item type
    Dewey Decimal Classification       MDIS Tashkent Learning Resource Center MDIS Tashkent Learning Resource Center   27.06.2022   005.8 TKB033314 19.02.2026 1 19.02.2026 Books
    Dewey Decimal Classification       MDIS Tashkent Learning Resource Center MDIS Tashkent Learning Resource Center   27.06.2022   005.8 TKB033315 19.02.2026 2 19.02.2026 Books
    Dewey Decimal Classification       MDIS Tashkent Learning Resource Center MDIS Tashkent Learning Resource Center   27.06.2022   005.8 TKB033316 19.02.2026 3 19.02.2026 Books
    Dewey Decimal Classification       MDIS Tashkent Learning Resource Center MDIS Tashkent Learning Resource Center   27.06.2022   005.8 TKB033317 19.02.2026 4 19.02.2026 Books
    Dewey Decimal Classification       MDIS Tashkent Learning Resource Center MDIS Tashkent Learning Resource Center   07.12.2022   005.8 TKB034464 19.02.2026 5 19.02.2026 Books