Supply Chain Software Security: Ai, Iot, and Application Security

Syed, Aamiruddin

  • 出版商: Apress
  • 出版日期: 2024-11-14
  • 售價: $2,170
  • 貴賓價: 9.5$2,062
  • 語言: 英文
  • 頁數: 559
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 9798868807985
  • ISBN-13: 9798868807985
  • 相關分類: 物聯網 IoT資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Delve deep into the forefront of technological advancements shaping the future of supply chain safety and resilience. In an era where software supply chains are the backbone of global technology ecosystems, securing them against evolving threats has become mission critical. This book offers a comprehensive guide to understanding and implementing next-generation strategies that protect these intricate networks from most pressing risks.

This book begins by laying the foundation of modern software supply chain security, exploring the shifting threat landscape and key technologies driving the future. Delve into the heart of how AI and IoT are transforming supply chain protection through advanced predictive analytics, real-time monitoring, and intelligent automation. Discover how integrating application security practices within your supply chain can safeguard critical systems and data.

Through real-world case studies and practical insights, learn how to build resilient supply chains equipped to defend against sophisticated attacks like dependency confusion, backdoor injection, and adversarial manipulation. Whether you're managing a global software operation or integrating DevSecOps into your CI/CD pipelines, this book offers actionable advice for fortifying your supply chain end-to-end.

You Will:

  • Learn the role of AI and machine learning in enhancing supply chain threat detection
  • Find out the best practices for embedding application security within the supply chain lifecycle
  • Understand how to leverage IoT for secure, real-time supply chain monitoring and control

Who Is This Book For

The target audience for a book would typically include professionals and individuals with an interest or involvement in cloud-native application development and DevOps practices. It will cover fundamentals of cloud-native architecture, DevOps principles, and provide practical guidance for building and maintaining scalable and reliable applications in a cloud-native environment. The book's content will cater to beginner to intermediate level professionals seeking in-depth insights.

商品描述(中文翻譯)

深入探討塑造供應鏈安全與韌性未來的技術進步。在軟體供應鏈成為全球技術生態系統的支柱的時代,保護它們免受不斷演變的威脅已成為關鍵任務。本書提供了一個全面的指南,幫助讀者理解和實施下一代策略,以保護這些複雜的網絡免受最迫切的風險。

本書首先奠定現代軟體供應鏈安全的基礎,探討不斷變化的威脅環境和推動未來的關鍵技術。深入了解人工智慧(AI)和物聯網(IoT)如何通過先進的預測分析、實時監控和智能自動化來改變供應鏈保護。發現如何在供應鏈中整合應用安全實踐,以保護關鍵系統和數據。

通過真實案例研究和實用見解,學習如何建立具備抵禦複雜攻擊(如依賴混淆、後門注入和對抗性操控)的韌性供應鏈。無論您是在管理全球軟體運營,還是將DevSecOps整合到您的CI/CD管道中,本書都提供了可行的建議,以加強您的供應鏈的端到端安全。

您將:
- 學習AI和機器學習在增強供應鏈威脅檢測中的角色
- 了解在供應鏈生命周期中嵌入應用安全的最佳實踐
- 理解如何利用物聯網進行安全的實時供應鏈監控和控制

本書的目標讀者通常包括對雲原生應用開發和DevOps實踐感興趣或參與的專業人士和個人。內容將涵蓋雲原生架構的基本原則、DevOps原則,並提供在雲原生環境中構建和維護可擴展且可靠的應用的實用指導。本書的內容將適合尋求深入見解的初學者到中級專業人士。

作者簡介

Aamiruddin Syed is a seasoned security professional specializing in DevSecOps, cloud security, supply chain security, and penetration testing. With dual master's degrees in Cybersecurity from Northeastern University and Jadavpur University, he excels in automating security within CI/CD pipelines and embedding security practices in cloud infrastructure.

A recognized security advocate, Aamiruddin is a frequent speaker at industry conferences, including DEFCON and chairs technical conferences like ICCTICT. His work focuses on integrating security seamlessly into engineering processes, securing products across diverse industries, including manufacturing. He is also an author on supply chain security and a judge for the Globee Cybersecurity Awards.

Beyond his professional endeavours, Aamiruddin contributes to open-source security tools and actively shares knowledge through his podcast, CyberGPT Pulse, and hands-on engagements like TryHackMe challenges.

作者簡介(中文翻譯)

Aamiruddin Syed 是一位資深的安全專業人士,專注於 DevSecOps、雲端安全、供應鏈安全和滲透測試。他擁有來自 Northeastern University 和 Jadavpur University 的雙碩士學位,擅長在 CI/CD 管道中自動化安全性,並將安全實踐嵌入雲端基礎設施中。

作為一位公認的安全倡導者,Aamiruddin 經常在行業會議上發言,包括 DEFCON,並擔任 ICCTICT 等技術會議的主席。他的工作重點是將安全無縫整合進工程流程中,確保各行各業(包括製造業)的產品安全。他也是供應鏈安全的作者,並擔任 Globee Cybersecurity Awards 的評審。

除了專業工作外,Aamiruddin 還貢獻於開源安全工具,並通過他的播客《CyberGPT Pulse》及 TryHackMe 挑戰等實作活動積極分享知識。