Threats: What Every Engineer Should Learn From Star Wars
$9.99
Price: $9.99
(as of Jun 10, 2024 17:01:17 UTC – Details)
Secure your applications with help from your favorite Jedi masters
In Threats: What Every Engineer Should Learn From Star Wars, accomplished security expert and educator Adam Shostack delivers an easy-to-read and engaging discussion of security threats and how to develop secure systems. The book will prepare you to take on the Dark Side as you learn—in a structured and memorable way—about the threats to your systems. You’ll move from thinking of security issues as clever one-offs and learn to see the patterns they follow.
This book brings to light the burning questions software developers should be asking about securing systems, and answers them in a fun and entertaining way, incorporating cybersecurity lessons from the much-loved Star Wars series. You don’t need to be fluent in over 6 million forms of exploitation to face these threats with the steely calm of a Jedi master.
You’ll also find:
Understandable and memorable introductions to the most important threats that every engineer should knowStraightforward software security frameworks that will help engineers bake security directly into their systemsStrategies to align large teams to achieve application security in today’s fast-moving and agile worldStrategies attackers use, like tampering, to interfere with the integrity of applications and systems, and the kill chains that combine these threats into fully executed campaigns
An indispensable resource for software developers and security engineers, Threats: What Every Engineer Should Learn From Star Wars belongs on the bookshelves of everyone delivering or operating technology: from engineers to executives responsible for shipping secure code.
From the Publisher
Q and A with Adam Shostack, author of Threats: What Every Engineer Should Learn From Star Wars
What about the Star Wars franchise makes it such a good story to illustrate security concepts?
How does R2-D2 know who Ben Kenobi is? How does he decide to play the recording of Princess Leia for Ben, but not Luke? How does Princess Leia tell R2 her intentions? These three questions touch on fundamental issues of security: authentication, authorization, and usability. (Star Wars geeks have an answer to the first from the prequels, but Leia does not know that answer.) What’s more, the way the world of Star Wars engages with technology and computers gives us a familiar base from which to learn about how technology works in our world.
How does the original Star Wars trilogy relate to what you do on a personal level?
I was a Star Wars fan before I ever wrote a line of code and long before I broke my first system. As I became an expert in computer security, it became clear to me that we in the field are much better at code than with stories, and while it’s tempting to say “That is why you fail,” telling better stories is not our only hope. As I reflected on Star Wars I realized that as the crawl fades, the camera descends onto Princess Leia’s ship being pursued over…a stolen data tape! I realized Star Wars is not only the story of Luke’s hero’s journey and growth into adulthood but also a story of information disclosure and consequences. Over the last decade, I’ve used Star Wars to tell the story of computer security because epic stories give us reference points and illustrations of important issues.
With all the available security information out there, why is it so challenging to keep our systems secure?
Attackers have a great many advantages. They can study their target, plan their attacks, and launch them only when they feel confident. They can do what they will to take control of a system, make it misbehave, or embarrass its creator. And while some of what attackers do is really very clever, all of it is unexpected. That unexpected part’s tremendously important.
Who is this book for?
This book is for every engineer. It will be most useful to those who build or operate complex software-rich systems. There are hard trade-offs in engineering, which are made harder when security goals are obscure or vague. The book is focused on systems that incorporate code, but these days, what doesn’t? Engineers who work in more traditional parts of the field, like aerospace, chemical, civil, or mechanical engineering, are finding that these more elegant systems from a more mechanical time are being supplanted. Your systems must now interface with code, and you must address security properties.
This book is also for security professionals and enthusiasts. There are many pathways into many fields on security and hacking. Few of them provide a broad framework that will serve to organize the flood of information about threats, vulnerabilities, and exploits that you’ll encounter. My hope is that this book serves them all.
What should readers expect to learn from Threats: What Every Engineer Should Learn From Star Wars?
I’d like readers to come away with insight into which timeless threats keep raising their ugly heads, concrete details and true stories of where those threats have emerged, and a framework for organizing the complex, sprawling world of security threats. Human attention is a harsh master. It is hard to perceive what is missing. My intent in cataloging common issues is to say: these matter, and you can do something about them.
ASIN : B0BT3RGRKS
Publisher : Wiley; 1st edition (January 18, 2023)
Publication date : January 18, 2023
Language : English
File size : 2943 KB
Text-to-Speech : Enabled
Screen Reader : Supported
Enhanced typesetting : Enabled
X-Ray : Not Enabled
Word Wise : Not Enabled
Sticky notes : On Kindle Scribe
Print length : 341 pages
There are no reviews yet.