- Paperback: 216 pages
- Publisher: IT Governance (10 April 2008)
- Language English
- ISBN-10: 1905356358
- ISBN-13: 978-1905356355
- Product Dimensions: 21.3 x 13.7 x 1.8 cm
- Amazon Bestsellers Rank: 1,510,589 in Books (See Top 100 in Books)
- See Complete Table of Contents
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Visit the Amazon.co.uk Trade-In Store for more details. |
Product details |
More About the Author
Product Description
Product Description
Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment, helps organisations protet critical data in line with the requirements of financial, governance and data protection regulations, and supports implementation of the PCI DSS Payment Application Security Standard.
Application Security in the ISO27001 Environment is written by Vinod Vasudevan, Anoop Mangla, Firosh Ummer, Sachin Shetty, Sangita Pakala and Siddharth Anbalahan. Together, the authors draw on a wealth of experience in tackling and securing applications in critical environments and make this expertise available to help anyone tackling application security in ISO27001 and PCI environments, risk management and software application development.
Secure Development Lifecycles.
Over 224 pages, they address a range of essential topics, including:
* secure development lifecycles,
* threat profiling,
* security testing,
* secure coding guidelines.
They also show how the controls from Annex A of ISO27001/ISO27002 can be used to secure individual applications, and demonstrates how to tackle this issue as part of the development and roll out of an organisation-wide Information Security Management System conforming to the Standard.
Application Security in the ISO27001 Environment is written by Vinod Vasudevan, Anoop Mangla, Firosh Ummer, Sachin Shetty, Sangita Pakala and Siddharth Anbalahan. Together, the authors draw on a wealth of experience in tackling and securing applications in critical environments and make this expertise available to help anyone tackling application security in ISO27001 and PCI environments, risk management and software application development.
Secure Development Lifecycles.
Over 224 pages, they address a range of essential topics, including:
* secure development lifecycles,
* threat profiling,
* security testing,
* secure coding guidelines.
They also show how the controls from Annex A of ISO27001/ISO27002 can be used to secure individual applications, and demonstrates how to tackle this issue as part of the development and roll out of an organisation-wide Information Security Management System conforming to the Standard.
About the Author
Vinod Vasudevan, CISSP, is the Director of Managed Risk Services at Paladion. He is the co-author of Enhancing Computer Security with Smart Technology, published by Auerbach. Prior to co-founding Paladion, Vinod worked with Microsoft. He wrote the chapter 'Application Security and ISO27001'. Anoop Mangla is a risk specialist in banking and finance. Previously with PCQuest, Anoop is an expert on the effectiveness of security technologies in an organisation's security. He wrote the chapter on 'Introduction to Application Security Threats'.Firosh Ummer, CISA, ISO27001 LA, CBCP, BS15000 LA, is co-founder of Paladion and head of the ISO27001 consulting practice. Firosh advises Fortune 500 companies on their ISMS strategy and helps them get certified to the new ISO standard. Firosh wrote the chapter 'Threat Profiling and Security Testing'. Sachin Shetty, CISSP, is a senior application security engineer with Paladion. Sachin's work on fighting keyloggers has been published in Securityfocus. Sachin wrote the chapter 'Attacks on Applications'. Sangita Pakala, GCIH, is Head of Application Security Projects at Paladion. She has had experience on more than fifty application security projects. She is the lead author of the OWASP Application Security FAQ. Sangita's work was presented at RSA Conference 2006 and ISACA Europe 2005. She wrote the chapter 'Secure Development Lifecycle'. Siddharth Anbalahan is a senior application security engineer with experience of more than twenty penetration tests. Siddharth has developed anti-phishing toolkits to enable banks to detect phishing attacks in real time. He is the editor of Palisade, the application security magazine. Siddharth wrote the chapter 'Secure Coding Guidelines'.
Inside This Book
(Learn More)
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Reviews
|
There are no customer reviews yet on Amazon U.K.
|
||||||||||||||||||||
|
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
1.0 out of 5 stars (1 customer review)
1 of 1 people found the following review helpful:
1.0 out of 5 stars
An expensive disappointment, 21 Feb 2011
By Lawrence J. Webber - Published on Amazon.com
This review is from: Application Security in the ISO27001 Environment (Paperback)
There is a lot of excellent information in the marketplace on this topic and unfortunately this is not it. The information identifies problems but provides little answers. Instead it provides links to web sites. For the cost of this book, I would want to know the details of the solutions from the author - not to be referred to common Information Security web sites.
Listmania!
Look for similar items by category
Look for similar items by subject
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
