Software Transparency - Supply Chain Security in an Era of a Software-Driven Society
Verlag | Wiley & Sons |
Auflage | 2023 |
Seiten | 336 |
Format | 18,9 x 1,9 x 23,6 cm |
Gewicht | 632 g |
Artikeltyp | Englisches Buch |
EAN | 9781394158485 |
Bestell-Nr | 39415848UA |
Discover the new cybersecurity landscape of the interconnected software supply chain
In Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, a team of veteran information security professionals delivers an expert treatment of software supply chain security. In the book, you'll explore real-world examples and guidance on how to defend your own organization against internal and external attacks. It includes coverage of topics including the history of the software transparency movement, software bills of materials, and high assurance attestations.
The authors examine the background of attack vectors that are becoming increasingly vulnerable, like mobile and social networks, retail and banking systems, and infrastructure and defense systems. You'll also discover:
_ Use cases and practical guidance for both software consumers and suppliers
_ Discussions of firmware and embedded software, as well as cloud and connected APIs
_ Stra tegies for understanding federal and defense software supply chain initiatives related to security
An essential resource for cybersecurity and application security professionals, Software Transparency will also be of extraordinary benefit to industrial control system, cloud, and mobile security professionals.
Rezension:
"Starting this book off with a proper threat model is precisely what's needed as a frame for such an important problem. Supply chain risk is complicated, it's changing quickly, and the defensive measures often involve multiple teams which drives up the complexity. The insights captured throughout this book are absolutely necessary for the state of software security today and having the proper context and frame of the problem space as you read it will help get the most of it."
--Robert Wood, CISO of Centers for Medicare and Medicaid (CMS)
"This is a very good book. It achieves something that I don't think anyone else has even attempted: provide an encyclopedic account of guidelines, best practices, regulations, and current efforts to secure the software supply chain. The best aspect of this book is that someone (like me) who is primarily involved with just one aspect of software supply chain security can benefit from a well-informed treatment of the subject from differen t aspects, yet still have a reference tool to return to later, when the need arises to learn about other topics within this already vast discipline."
--Tom Alrich