chapter 1. Introduction -- chapter 2. The secure development lifecycle -- chapter 3. Security assessment (A1) : SDL activities and best practices -- chapter 4. Architecture (A2) : SDL activities and best practices -- chapter 5. Design and development (A3) : SDL activities and best practices -- chapter 6. Design and development (A4) : SDL activities and best practices -- chapter 7. Ship (A5) : SDL activities and best practices -- chapter 8. Post-release support (PRSA1-5) -- chapter 9. Applying the SDL framework to the real world -- chapter 10. Pulling it all together : using the SDL to prevent real-world threats

This book outlines a step-by-step process for software security that is relevant to today's technical, operational, business, and development environments. The authors focus on what humans can do to control and manage a secure software development process in the form of best practices and metrics. Although security issues will always exist, this book will teach you how to maximize an organizations ability to minimize vulnerabilities in your software products before they are released or deployed by building security into the development process. This book is targeted towards anyone who is interested in learning about software security in an enterprise environment to include product security and quality executives, software security architects, security consultants, software development engineers, enterprise SDLC program managers, chief information security officers, chief technology officers, and chief privacy officers whose companies develop software. If you want to learn about how software security should be implemented in developing enterprise software, this is a book you don't want to skip