Holistic InfoSec For Web… by Kim Carter [PDF/iPad/Kindle]
Holistic InfoSec For Web Developers, Fascicle 0: Physical and People
Minimum price: $8.99
Suggested price: $13.99

This book is 95% complete

Last updated on 2017-03-08

About the Book

Fascicle 0 focusses on:

  • The chosen threat modelling approach
  • Setting up your tool-belt
  • The process of penetration testing
  • A collection of processes and practices formulated from penetration testing, useful for augmenting each and every Scrum Sprint
  • Physical
  • People

Fascicle 0 is now considered Done.

Hard copies can be purchased at Amazon

Description

This book begins by taking the reader to the 30,000’ view, so you can start to see the entire security landscape. I then attempt to explain a very simple threat modelling approach that I believe Bruce Schneier created, called the Sensible Security Model (SSM). We take the learnings from the first chapter and apply them to lower levels. I detail how to set up a security-focussed distribution with all the tools and configuration options required for working through the book. We then walk through the Process and Practises that the attackers often execute, and we take the learnings from that and train the defenders on how they can bring the finding of defects from the most expensive place to the cheapest place, within your Sprint cycles. The rest of the book focusses on the specific areas addressed on the cover of this book.

Purpose

My intention with “Holistic Info-Sec for Web Developers” is in many ways to help you answer your own questions and show you that creating systems and arming people to withstand the types of attacks commonly encountered today is not out of reach of mere mortals. Simply lifting the lower hanging fruit for an attacker often means they will move on to an easier target, unless they are specifically targeting you. In that case you should find many of the risks and countermeasures I address effective for increasing the difficulty for your attacker, and thus dramatically increasing your chances of defence and counter-attack.

Bundles that include this book

Bundle of 3 books (regular price $28.97, bundle price $28.97):

  • Holistic InfoSec For Web Developers, Fascicle 0: Physical and People
  • Holistic InfoSec For Web Developers, Fascicle 1: VPS, Network, Cloud and Web Applications
  • Holistic InfoSec For Web Developers, Fascicle 2: Mobile and IoT

Bundle of 4 books (regular price $41.97, bundle price $35.00):

  • Essential Node.js Security
  • Holistic InfoSec For Web Developers, Fascicle 0: Physical and People
  • Holistic InfoSec For Web Developers, Fascicle 1: VPS, Network, Cloud and Web Applications
  • Holistic InfoSec For Web Developers, Fascicle 2: Mobile and IoT

About the Author

Kim Carter

Kim is an experienced Senior Software Architect / Engineer, Entrepreneur and the founder of BinaryMist.

Website: https://binarymist.io

Blog: http://blog.binarymist.net

OWASP NZ Chapter Leader.

Experienced and passionate about mentoring and motivating cross functional, self managing teams.

One of my strengths is helping organisations realise how they can increase profit and reduce costs.

How I do this:

• Take a holistic view of the organisation and focus on the lowest hanging (biggest wins) fruit first

• Bring visibility to all areas of the organisation

• Help people discover their full potential, especially those involved in the software engineering field

• When needed: acquire, design and build robust software and networks

• Help people understand their security status: assets, risks, countermeasures, costs & trade-offs of possible solutions.

• Increasing quality awareness and helping people and organisations implement higher quality in a cost effective manner.

Very broad skill set, with many deep specialities. Some of which are:

• Enterprise Application Architecture

• Web Development

• Networking & hardening

• Security

• DevOps

About the Contributors

Chris Campbell

Contributor

Some contributions to the People chapter, especially around phishing countermeasures. Chris is the creator of Pond.

Drewe Hinkley

Contributor

Some contributions to the Physical chapter

Leanne Carter

Editor

Russ McRee

Technical Editor
