If you’re a software developer, systems manager, or security professional, this book will show you how to use threat modeling in the security development lifecycle and in the overall software and systems design processes. Author and security expert Adam Shostack puts his considerable expertise to work in this book that, unlike any other, details the process of building improved security into the design of software, computer services, and systems — from the very beginning.
Find and fix security issues before they hurt you or your customers
Learn to use practical and actionable tools, techniques, and approaches for software developers, IT professionals, and security enthusiasts
Explore the nuances of software-centric threat modeling and discover its application to software and systems during the build phase and beyond
Apply threat modeling to improve security when managing complex systems
Manage potential threats using a structured, methodical framework
Discover and discern evolving security threats
Use specific, actionable advice regardless of software type, operating system, or program approaches and techniques validated and proven to be effective at Microsoft and other top IT companies