2nd Edition

Official (ISC)2 Guide to the CSSLP CBK

By Mano Paul Copyright 2014
    800 Pages 147 B/W Illustrations
    by Auerbach Publications

    Application vulnerabilities continue to top the list of cyber security concerns. While attackers and researchers continue to expose new application vulnerabilities, the most common application flaws are previous, rediscovered threats. For example, SQL injection and cross-site scripting (XSS) have appeared on the Open Web Application Security Project (OWASP) Top 10 list year after year over the past decade. This high volume of known application vulnerabilities suggests that many development teams do not have the security resources needed to address all potential security flaws and a clear shortage of qualified professionals with application security skills exists. Without action, this soft underbelly of business and governmental entities has and will continue to be exposed with serious consequences—data breaches, disrupted operations, lost business, brand damage, and regulatory fines. This is why it is essential for software professionals to stay current on the latest advances in software development and the new security threats they create.

    Recognized as one of the best application security tools available for professionals involved in software development, the Official (ISC) Guide to the CSSLP® CBK®, Second Edition, is both up-to-date and relevant, reflecting the latest developments in this ever-changing field and providing an intuitive approach to the CSSLP Common Body of Knowledge (CBK). It provides a robust and comprehensive study of the 8 domains of the CBK, covering everything from ensuring software security requirements are included in the software design phase to programming concepts that can effectively protect software from vulnerabilities to addressing issues pertaining to proper testing of software for security, and implementing industry standards and practices to provide a high level of assurance that the supply chain is secure—both up-stream. The book discusses the issues facing software professionals today, such as mobile app development, developing in the cloud, software supply chain risk management, and more.

    Numerous illustrated examples and practical exercises are included in this book to help the reader understand the concepts within the CBK and to enable them to apply these concepts in real-life situations. Endorsed by (ISC)2 and written and reviewed by CSSLPs and other (ISC)2 members, this book serves as an unrivaled study tool for the certification exam and an invaluable career reference. Earning your CSSLP is an esteemed achievement that validates your efforts in security leadership to help your organization build resilient software capable of combating the security threats of today and tomorrow.

    Domain 1 - Secure Software Concepts
    Holistic Security
    Implementation Challenges
    Iron Triangle Constraints
    Security as an Afterthought
    Security vs. Usability
    Quality and Security
    Security Profile – What Makes Software Secure?
    Core Security Concepts
    Design Security Concepts
    Risk Management
    Terminology and Definitions
    Risk Management for Software
    Handling Risk
    Risk Management Concept: Summary
    Security Policies: The ‘What’ and ‘Why’ for Security
    Scope of the Security Policies
    Prerequisites for Security Policy Development
    Security Policy Development Process
    Security Standards
    Types of Security Standards
    Internal Coding Standards
    NIST Standards
    Federal Information Processing (FIPS) standards
    ISO Standards
    PCI Standards
    Organization for the Advancement of Structured Information Standards (OASIS)
    Benefits of Security Standards
    Best Practices
    Open Web Application Security Project (OWASP)
    Information Technology Infrastructure Library (ITIL)
    Software Development Methodologies
    Waterfall Model
    Iterative Model
    Spiral Model
    Agile Development Methodologies
    Software Assurance Methodologies
    Socratic Methodology
    Six Sigma (6 σ) Capability Maturity Model Integration (CMMI)
    Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE®)
    Open Source Security Testing Methodology Manual (OSSTMM)
    Flaw Hypothesis Method (FHM)
    Enterprise Application and Security Frameworks
    Zachman Framework
    Control Objectives for Information and related Technology (COBIT®)
    Committee of Sponsoring Organizations (COSO)
    Sherwood Applied Business Security Architecture (SABSA)
    Regulations, Privacy and Compliance
    Significant Regulations and Privacy Acts
    Sarbanes-Oxley Act (SOX)
    Gramm-Leach-Bliley Act (GLB Act)
    Health Insurance Portability and Accountability Act (HIPAA)
    Data Protection Act
    Computer Misuse Act
    Mobile Device Privacy Act
    State Security Breach Laws
    Privacy and Software Development
    Data Anonymization
    Security Models
    Trusted Computing
    Ring Protection
    Trust Boundary (or Security Perimeter)
    Trusted Computing Base (TCB)
    Reference Monitor

    Domain 2 - Secure Software Requirements
    Sources for Security Requirements
    Types of Security Requirements
    Core Security Requirements
    General Requirements
    Operational Requirements
    Other Requirements
    Protection Needs Elicitation (PNE)
    Surveys (Questionnaires and Interviews)
    Policy Decomposition
    Data Classification
    Subject/Object Matrix
    Use Case & Misuse Case Modeling
    Requirements Traceability Matrix (RTM)

    Domain 3 - Secure Software Design
    The Need for Secure Design
    Flaws versus Bugs
    Architecting Software with Core Security Concepts
    Confidentiality Design
    Integrity Design
    Availability Design
    Authentication Design
    Authorization Design
    Accountability Design
    Architecting Software with Secure Design Principles
    Least Privilege
    Separation of Duties
    Defense in Depth
    Fail Secure
    Economy of Mechanisms
    Complete Mediation
    Open Design
    Least Common Mechanisms
    Psychological Acceptability
    Weakest Link
    Leveraging Existing Components
    Balancing Secure Design Principles
    Other Design Considerations
    Interface Design
    Design Processes
    Attack Surface Evaluation
    Threat Modeling
    Mainframe Architecture
    Distributed Computing
    Service Oriented Architecture
    Rich Internet Applications
    Pervasive/Ubiquitous Computing
    Cloud Computing
    Mobile Applications
    Integration with Existing Architectures
    Identity Management
    Credential Management
    Flow Control
    Auditing (Logging)
    Trusted Computing
    Database Security
    Programming Language Environment
    Operating Systems
    Embedded Systems
    Secure Design and Architecture Review

    Domain 4 - Secure Software Implementation/Coding
    Who is to be Blamed for Insecure Software?
    Fundamental Concepts of Programming
    Computer Architecture
    Evolution of Programming Languages
    Common Software Vulnerabilities and Controls
    Buffer Overflow
    Stack Overflow
    Heap Overflow
    Injection Flaws
    Broken Authentication and Session Management
    Cross-Site Scripting (XSS)
    Non-persistent or Reflected XSS
    Persistent or Stored XSS
    DOM based XSS
    Insecure Direct Object References
    Security Misconfiguration
    Sensitive Data Exposure
    Missing Function Level Checks
    Cross-Site Request Forgery (CSRF)
    Using Known Vulnerable Components
    Unvalidated Redirects and Forwards
    File Attacks
    Race Condition
    Side Channel Attacks
    Defensive Coding Practices – Concepts and Techniques
    Input Validation
    Error Handling
    Safe APIs
    Memory Management
    Exception Management
    Session Management
    Configuration Parameters Management
    Secure Startup
    Secure Software Processes
    Version (Configuration Management)
    Code Analysis
    Code/Peer Review
    Securing Build Environments

    Domain 5 -Secure Software Testing
    Quality Assurance
    Testing Artifacts
    Test Strategy
    Test Plan
    Test Case
    Test Script
    Test Suite
    Test Harness
    Types of Software QA Testing
    Functional Testing
    Non-Functional Testing
    Other Testing
    Attack Surface Validation (Security Testing)
    Motives, Opportunities and Means
    Testing of Security Functionality versus Security Testing
    The Need for Security Testing
    Security Testing Methods
    White Box Testing
    Black Box Testing
    White Box Testing versus Black Box Testing
    Types of Security Testing
    Cryptographic Validation Testing
    Software Security Testing
    Testing for Input Validation
    Testing for Injection Flaws Controls
    Testing for Scripting Attacks Controls
    Testing for Non-repudiation Controls
    Testing for Spoofing Controls
    Testing for Error and Exception Handling Controls (Failure Testing)
    Testing for Privileges Escalations Controls
    Anti-Reversing Protection Testing
    Tools for Security Testing
    Test Data Management
    Defect Reporting and Tracking
    Reporting Defects
    Tracking Defects
    Impact Assessment and Corrective Action

    Domain 6 - Software Acceptance
    Guidelines for Software Acceptance
    Benefits of Accepting Software Formally
    Software Acceptance Considerations
    Completion Criteria
    Change Management
    Approval to Deploy or Release
    Risk Acceptance and Exception Policy
    Documentation of Software
    Verification and Validation (V&V)
    Certification and Accreditation (C&A)

    Domain 7 - Software Deployment, Operations, Maintenance, and Disposal
    Installation and Deployment
    Environment Configuration
    Release Management
    Bootstrapping and Secure Startup
    Operations and Maintenance
    Incident Management
    Problem Management
    Change Management
    Backups, Recovery and Archiving
    End-of-Life Policies
    Sun-Setting Criteria
    Sun-setting Processes
    Information Disposal and Media Sanitization

    Domain 8 - Supply Chain and Software Acquisition
    Software Acquisition and the Supply Chain
    Acquisition Lifecycle
    Software Acquisition Models and Benefits
    Supply Chain Software Goals
    Threats to Supply Chain Software
    Software Supply Chain Risk Management (SCRM)
    Supplier Risk Assessment and Management
    Supplier Sourcing
    Contractual Controls
    Intellectual Property (IP) Ownership and Responsibilities
    Types of Intellectual Property (IP)
    Licensing (Usage and Redistribution Terms)
    Software Development and Testing
    Assurance Requirement Conformance Validation
    Code Review
    Code Repository Security
    Build Tools and Environment Integrity
    Testing for Code Security
    Software SCRM during Acceptance
    Anti-Tampering Resistance and Controls
    Authenticity and Anti-Counterfeiting Controls
    Supplier Claims Verification
    Software SCRM during Delivery (Handover)
    Chain of Custody
    Secure Transfer
    Code Escrows
    Export Control and Foreign Trade Data Regulations Compliance
    Software SCRM during Deployment (Installation/Configuration)
    Secure Configuration
    Perimeter (Network) Security Controls
    System-of-Systems (SoS) Security
    Software SCRM during Operations and Maintenance
    Runtime Integrity Assurance
    Patching and Upgrades
    Termination Access Controls
    Custom Code Extensions Checks
    Continuous Monitoring and Incident Management
    Software SCRM during Retirement

    Answers to Review Questions
    Security Models
    Threat Modeling
    Commonly Used Opcodes in Assembly
    HTTP/1.1 Status Codes and Reason Phrases (IETF RFC 2616)
    Security Testing Tools


    Mano Paul (SecuRisk Solutions, Pflugerville, Texas, USA) (Author)