<B> <P style="MARGIN: 0px">Strengthen Software Security by Helping Developers and Security Experts Work Together</P> <P style="MARGIN: 0px"> </P> <P style="MARGIN: 0px"> </B>Traditional approaches to securing software are inadequate. The solution: Bring software engineering and network security teams together in a new, holistic approach to protecting the entire enterprise. Now, four highly-respected security experts explain why this "confluence" is so crucial, and show how to implement it in your organization.</P> <P style="MARGIN: 0px"> <BR>Writing for all software and security practitioners and leaders, they show how software can play a vital, active role in protecting your organization. You'll learn how to construct software that actively safeguards sensitive data and business processes and contributes to intrusion detection/response in sophisticated new ways.</P> <P style="MARGIN: 0px"> <BR>The authors cover the entire development lifecycle, including project inception, design, implementation, testing, deployment, operation, and maintenance. They also provide a full chapter of advice specifically for Chief Information Security Officers (CISO) and other enterprise security executives.</P> <P style="MARGIN: 0px"> <BR>Whatever your software security responsibilities, <I>Enterprise Software Security</I> delivers indispensable big-picture guidance–and specific, high-value recommendations you can apply right now.</P> <P style="MARGIN: 0px"> </P> <P style="MARGIN: 0px">Coverage includes:</P> <P style="MARGIN: 0px">• Overcoming common obstacles to collaboration between developers and IT security professionals<BR>• Helping programmers design, write, deploy, and operate more secure software<BR>• Helping network security engineers use application output more effectively<BR>• Organizing a software security team before you've even created requirements<BR>• Avoiding the unmanageable complexity and inherent flaws of layered security<BR>• Implementing positive software design practices and identifying security defects in existing designs<BR>• Teaming to improve code reviews, clarify attack scenarios associated with vulnerable code, and validate positive compliance<BR>• Moving beyond pentesting towards more comprehensive security testing<BR>• Integrating your new application with your existing security infrastructure<BR>• "Ruggedizing" DevOps by adding infosec to the relationship between development and operations<BR>• Protecting application security during maintenance</P>