OFFRE LISEUSES
Une liseuse achetée = une housse offerte* jusqu'au 21 juin
Nouveauté
ISO 27001 for Software Companies Volume 2 - Secure Engineering. ISO 27001 for Software Companies, #2
Par :Formats :
Disponible dans votre compte client Decitre ou Furet du Nord dès validation de votre commande. Le format ePub est :
- Compatible avec une lecture sur My Vivlio (smartphone, tablette, ordinateur)
- Compatible avec une lecture sur liseuses Vivlio
- Pour les liseuses autres que Vivlio, vous devez utiliser le logiciel Adobe Digital Edition. Non compatible avec la lecture sur les liseuses Kindle, Remarkable et Sony
, qui est-ce ?Notre partenaire de plateforme de lecture numérique où vous retrouverez l'ensemble de vos ebooks gratuitement
Pour en savoir plus sur nos ebooks, consultez notre aide en ligne ici
C'est si simple ! Lisez votre ebook avec l'app Vivlio sur votre tablette, mobile ou ordinateur :
- FormatePub
- ISBN8233828881
- EAN9798233828881
- Date de parution29/05/2026
- Protection num.pas de protection
- Infos supplémentairesepub
- ÉditeurLinda Balsamo
Résumé
Security controls only work in software companies when they become part of how engineers design, build, test, and ship. Volume 2 translates ISO/IEC 27001:2022 into day-to-day engineering practices, so your ISMS strengthens delivery instead of slowing it down. What you'll get:- Secure SDLC patterns that work in agile teams (standards, reviews, guardrails)- CI/CD + build hardening, including source code and artifact integrity- Practical AppSec testing strategy (where SAST/DAST/IAST fits, and where it doesn't)- Supply-chain risk management for dependencies and third-party components- Secrets + key management, and access control for developer tooling- Vulnerability management loop tied to risk treatment and measurable remediationWhat it helps you produce: engineering-friendly standards, repeatable controls, and evidence that is generated by your delivery pipeline - not by manual "compliance chores".
Typical questions this volume answers:- What does "secure by default" look like in agile teams that ship weekly or daily?- How do we harden CI/CD and protect source code + build artifacts?- Where do SAST/DAST/IAST fit (and where do they create noise)?- How do we treat software supply chain risk in a way that auditors accept?Who it's for: engineering and security teams that want "secure by default" delivery with auditable evidence.
Typical questions this volume answers:- What does "secure by default" look like in agile teams that ship weekly or daily?- How do we harden CI/CD and protect source code + build artifacts?- Where do SAST/DAST/IAST fit (and where do they create noise)?- How do we treat software supply chain risk in a way that auditors accept?Who it's for: engineering and security teams that want "secure by default" delivery with auditable evidence.
