فهرست مطالب

• Cover
• Copyright
• Table of Contents
• Preface
• Part I. Concepts
• Chapter 1. Introduction
• Foundational Security Techniques
• Architect Roles for Security
• Book Structure
• Summary
• Further Reading
• Exercises
• Chapter 2. Architecture Concepts
• From Design Thinking to Compliance
• Enterprise and Solution Architecture
• Zero Trust Architecture
• Technique: Enterprise Security Architecture
• Summary
• Exercises
• Part II. Plan
• Chapter 3. Enterprise Context
• Chapter Artifacts
• External Context
• Internal Context
• Summary
• Exercises
• Chapter 4. Requirements and Constraints
• Chapter Artifacts
• Requirements Concepts
• Specifying Functional Requirements
• Case Study: Process Definition
• Specifying Non-Functional Requirements
• Case Study: Specifying a Requirements Catalog
• Requirements Traceability
• Summary
• Exercises
• Part III. Design
• Chapter 5. System Context
• Chapter Artifacts
• Data Protection
• System Context Diagram
• Case Study: System Context Diagram
• Information Asset Register
• Summary
• Exercises
• Chapter 6. Application Security
• Chapter Artifacts
• Functional Viewpoint
• Component Architecture
• Case Study: Component Architecture
• Security Concepts
• Threat Modeling
• Case Study: Threat Model
• Summary
• Exercises
• Chapter 7. Shared Responsibilities
• Chapter Artifacts
• Cloud Computing Concepts
• Shared Responsibilities Model
• Case Study: Shared Responsibility Model
• Summary
• Exercises
• Chapter 8. Infrastructure Security
• Chapter Artifacts
• Deployment Viewpoint
• Case Study: Deployment Architecture Diagram
• Zero Trust-Based Security Infrastructure
• Case Study: Zero Trust
• Cloud Architecture
• Case Study: Cloud Architecture Diagram
• Summary
• Exercises
• Chapter 9. Architecture Patterns and Decisions
• Chapter Artifacts
• Architecture Patterns
• Deployable Architecture
• Architectural Decisions
• Case Study: Architectural Decision
• Summary
• Exercises
• Part IV. Build
• Chapter 10. Secure Development and Assurance
• Chapter Artifacts
• The Software Development Lifecycle
• From DevOps to DevSecOps
• Security Assurance
• Cloud Security Operating Model
• Risks, Assumptions, Issues, and Dependencies
• Case Study: RAID Log
• Summary
• Exercises
• Part V. Run
• Chapter 11. Security Operations
• Chapter Artifacts
• Shared Responsibilities
• Defining Processes, Procedures, and Work Instructions
• Case Study: Vulnerability Management Service
• Case Study: Deployment Architecture Update
• Threat Detection Use Case
• Case Study: Threat Detection Use Case
• Incident Response Runbook
• Case Study: Incident Response Runbook
• Threat Traceability Matrix
• Summary
• Exercises
• Part VI. Close
• Chapter 12. Closing Thoughts
• Getting Started
• Artificial Intelligence in Security Architecture
• Summary
• Go Learn, Practice, and Share
• Exercises
• Appendix A. Case Study
• Appendix B. Artifact Mapping
• Appendix C. Exercise Solutions
• Index
• About the Authors
• Colophon