Brook S. E. Schoenfield
December 15, 2019 Forthcoming
Reference - 320 Pages - 30 B/W Illustrations
ISBN 9781498741996 - CAT# K26773
For Instructors Request Inspection Copy
Introduction. What Is This Thing Called "Security Architecture"?. What Is Security Assessment. Architecture Risk Assessment. Threat Modeling. ATASM. Background knowledge: The Three S’s. Architecture. Threats. Attack Surfaces. Mitigations. Requirements. Security Architecture Programs. Secure Development Lifecycle. Tips and Tricks. Relationships Are (Almost) Everything. Know the Policies and Standards. Start With Context. Work Holistically. Assessment is Fractal and Recursive . Don’t Get Sidetracked By Presenting Problems. The Early Requirement Gets the Worm. Break the Kill Chain to Mitigate. Probability Can Be Reduced To Booleans. Becoming Part of a Team. We Are Not Cops. Playing a Long Game. Conflict Builds Trust. Give Risks to Decision Makers. Making Friends with Exceptions. Interjections and Release Scheduling. What to Do When Brought in Late. Transparency!. Post Threat Models. The Rule of the Most Sensitive. External to Internal? Build a mini-DMZ. Peer Review Rules. When Policies Make Sense, When They Don’t. Working with Eyeball-to-Eyeball Security. Measuring Success. Measuring Architect Performance.