Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Cybersecurity Architecture

You're reading from   Practical Cybersecurity Architecture A guide to creating and implementing robust designs for cybersecurity architects

Arrow left icon
Product type Paperback
Published in Nov 2020
Publisher Packt
ISBN-13 9781838989927
Length 418 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Diana Kelley Diana Kelley
Author Profile Icon Diana Kelley
Diana Kelley
Ed Moyle Ed Moyle
Author Profile Icon Ed Moyle
Ed Moyle
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Section 1:Security Architecture
2. Chapter 1: What is Cybersecurity Architecture? FREE CHAPTER 3. Chapter 2: The Core of Solution Building 4. Section 2: Building an Architecture
5. Chapter 3: Building an Architecture – Scope and Requirements 6. Chapter 4: Building an Architecture – Your Toolbox 7. Chapter 5: Building an Architecture – Developing Enterprise Blueprints 8. Chapter 6: Building an Architecture – Application Blueprints 9. Section 3:Execution
10. Chapter 7: Execution – Applying Architecture Models 11. Chapter 8: Execution – Future-Proofing 12. Chapter 9: Putting It All Together 13. Other Books You May Enjoy

Scope – application security

"In the requirements phase, you need to ask both what security controls are needed, but also ask what shouldn't happen (account for those things as you find them). During design, threat modeling lets you ensure you understand what could go wrong so that you can design those considerations in. During implementation, incorporate security into IDE, modular code reviews, check-ins, and so on instead of waiting to reach the testing phase for a security-focused discussion to happen. During testing, evolve the security testing program to move from regular intervals to an irregular (unpredictable) or – better yet – continuous manner. Lastly, as you maintain, change the metrics from primarily KPI-driven (for example, the number of critical vulns in production systems) to KRI-driven (for example, – the number of critical vulns out of SLA in the production env)."

– Phoram Mehta, Director & Head of Infosec APAC...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime