- Paperback: 624 pages
- Publisher: Wiley; 1 edition (February 17, 2014)
- Language: English
- ISBN-10: 1118809998
- ISBN-13: 978-1118809990
- Product Dimensions: 7.2 x 1.2 x 9.2 inches
- Shipping Weight: 2.2 pounds (View shipping rates and policies)
- Average Customer Review: 32 customer reviews
- Amazon Best Sellers Rank: #89,573 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Threat Modeling: Designing for Security 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
The Amazon Book Review
Author interviews, book reviews, editors picks, and more. Read it now
Frequently bought together
Customers who bought this item also bought
From the Back Cover
Use threat modeling to enhance software security
If you’re a software developer, systems manager, or security professional, this book will show you how to use threat modeling in the security development lifecycle and in the overall software and systems design processes. Author and security expert Adam Shostack puts his considerable expertise to work in this book that, unlike any other, details the process of building improved security into the design of software, computer services, and systems — from the very beginning.
- Find and fix security issues before they hurt you or your customers
- Learn to use practical and actionable tools, techniques, and approaches for software developers, IT professionals, and security enthusiasts
- Explore the nuances of software-centric threat modeling and discover its application to software and systems during the build phase and beyond
- Apply threat modeling to improve security when managing complex systems
- Manage potential threats using a structured, methodical framework
- Discover and discern evolving security threats
- Use specific, actionable advice regardless of software type, operating system, or program approaches and techniques validated and proven to be effective at Microsoft and other top IT companies
About the Author
Adam Shostack is a principal program manager on Microsoft’s Trustworthy Computing Team. His experience as an operational systems manager and product developer at companies from startups to Microsoft ensures this book is practical and grounded. He helped found the CVE, the Privacy Enhancing Technologies Symposium, and more.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
It is written from the point of view of software development but the material can be adapted to other applications.
There is a lot of info here. You can use the book no matter what your level of experience but you will find it an easier read if you have some experience with threat modeling.
Overall the best work I have seen on the topic.