{"product_id":"devsecops-for-net-core-securing-modern-software-applications-9781484258491","title":"Devsecops for .Net Core: Securing Modern Software Applications","description":"\u003cb\u003e​Chapter 1: Modern Software Engineering\u003c\/b\u003e\u003cp\u003e\u003cb\u003eChapter Goal: This chapter will outline the modern software engineering principles and introduce DevOps as well as requirements and responsibilities of a software engineering team to publish quality software. \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eNo of pages\u003c\/b\u003e 20\u003c\/p\u003e \u003cp\u003e\u003cb\u003eSub -Topics\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1. Software Design \u003c\/p\u003e \u003cp\u003e2. Solutions on the Internet\u003c\/p\u003e \u003cp\u003e3. Multicultural Customers \u003c\/p\u003e \u003cp\u003e4. Changing Market\u003c\/p\u003e \u003cp\u003e5. Security and Compliance Requirements\u003c\/p\u003e\u003cb\u003e Chapter 2: DevOps with Security \u003c\/b\u003e\u003cp\u003e\u003cb\u003eChapter Goal: This is a practical topic and discusses DevOps pipelines as a mode of automation for software production and outlines important tasks in DevOps where automation can inject security principles to improve product quality. \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eNo of pages\u003c\/b\u003e: 20-25\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eSub - Topics\u003c\/b\u003e \u003c\/p\u003e 1. DevOps in a Nutshell\u003cp\u003e\u003c\/p\u003e \u003cp\u003e2. Securing Software\u003c\/p\u003e 3. Quality Assurance \u003cp\u003e\u003c\/p\u003e \u003cp\u003e4. Pre-commit testing\u003c\/p\u003e 5. HTTP vs SSH\u003cp\u003e\u003c\/p\u003e\u003cb\u003e Chapter 3: Writing Secure Code \u003c\/b\u003e\u003cp\u003e\u003cb\u003eChapter Goal: This chapter discusses the development phase of DevOps pipeline and outlines how to improve software quality and decrease friction in later stages by preventing known vulnerabilities and code flaws before hand. During this chapter we will explore code issues such as SQL Injection prevention, Cross-site scripting, and other similar issues. \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eNo of pages\u003c\/b\u003e: 45\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eSub - Topics: \u003c\/b\u003e \u003c\/p\u003e \u003cp\u003e1. Write Less, Write Secure\u003c\/p\u003e \u003cp\u003e2. Developer Training\u003c\/p\u003e \u003cp\u003e3. Runtime Selection and Configuration\u003c\/p\u003e \u003cp\u003e4. Microservices: Separation of Concerns\u003c\/p\u003e \u003cp\u003e5. Authentication in Services\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e\u003cb\u003e Chapter 4: Automating Everything as Code \u003c\/b\u003e\u003cp\u003e\u003cb\u003eChapter Goal: We discuss the steps necessary to make security, compliance, audit, and UX automated to decrease decoupling and friction in the departments, and introduce key factors that help improve build and hosting environments, which will be discussed in detail in later chapter. \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eNo of pages:40-45\u003c\/p\u003e \u003cp\u003e\u003cb\u003eSub - Topics: \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1. Version Control and Audit\u003c\/p\u003e \u003cp\u003e2. Hosted Code Storage\u003c\/p\u003e \u003cp\u003e3. Infrastructure as Code\u003c\/p\u003e \u003cp\u003e4. Automating Security \u003c\/p\u003e \u003cp\u003e5. Compliance and Policies\u003c\/p\u003e \u003cp\u003e6. Risk and Bugs Analysis\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e\u003cb\u003e Chapter 5: Securing Build Systems for DevOps \u003c\/b\u003e\u003cp\u003e\u003cb\u003eChapter Goal: \u003c\/b\u003e In this chapter we demonstrate the CI phase of DevOps and utilize our build systems; hosted and on-premises, to apply security and compliance checks throughout the task, we apply code analysis methods to verify quality of product and discusses different approaches to host package archives for deployment. \u003c\/p\u003e \u003cp\u003e\u003cb\u003eNo of pages\u003c\/b\u003e: 45\u003c\/p\u003e \u003cp\u003e1. On-Premises vs Hosted CI\/CD\u003c\/p\u003e \u003cp\u003e2. Code Analysis Methods\u003c\/p\u003e \u003cp\u003e3. Archive Caching and Hashing\u003c\/p\u003e \u003cp\u003e4. Automated Deployments\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e\u003cb\u003e Chapter 6: Automating Production Environments for Quality \u003c\/b\u003e\u003cp\u003eChapter Goal: This chapter focuses on production hosting environments and their security, such as container and host platform security, network ports scanning, firewall and application gateways to prevent unauthorized access. We also explore how to extract sensitive information out of source code and configuration files using external services to improve privacy. \u003c\/p\u003e \u003cp\u003e\u003cb\u003eNo of pages\u003c\/b\u003e: 40\u003c\/p\u003e \u003cp\u003e1. Host Platforms\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eBinding Type:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Apress\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 05\/31\/2020\u003cbr\u003e\u003cb\u003eISBN:\u003c\/b\u003e 9781484258491\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 284\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 1.03lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 9.21h x 6.14w x 0.68d","brand":"Afzaal Ahmad Zeeshan","offers":[{"title":"Default Title","offer_id":42222923481269,"sku":"9781484258491","price":50.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0473\/0804\/6492\/products\/img_34bf2c12-5b23-473c-aed5-51e0832782d9.jpg?v=1655779723","url":"https:\/\/pastforward.org\/products\/devsecops-for-net-core-securing-modern-software-applications-9781484258491","provider":"Past Forward","version":"1.0","type":"link"}