Cyber Secure Development Lifecycle offers an innovative approach to security that addresses both the reactive and proactive aspects of security. It engages all roles involved in the development and management of Information Technology in addressing the security challenge.
The book includes a Concepts and Models section to set the foundation for security. It identifies and details security controls that are implemented in process and technology, mapping the security tasks and decisions across the software lifecycle so that software and cloud services can be built and operated with security in mind. The controls that are associated with key development and operations tasks are given special treatment, so that the functional, operational and assurance aspects of software and cloud services are clearly identified.
The book is divided into three sections:
1. Fundamentals: Provides the background on how organizations that build and deliver IT or Cloud Services should structure the development lifecycle.
2. Secure SDL vs. Cyber SDL: Delivers insights on the difference between enterprise IT systems and Internet-accessible IT systems.
3. Cyber Ready Systems: Describes in detail how to build and operate a secure SDL program that is risk aware.