What do you think?
Rate this book
Dramatically Reducing Software Vulnerabilities: NiSTIR 8151
NISTIR 8151 November 2016
The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known current systems perform increasingly vital tasks and are widely known to possess vulnerabilities. These vulnerabilities are often not easy to discover and difficult to correct. Cybersecurity has not kept pace, and the pace that is needed is rapidly accelerating. The goal of this report is to present a list of specific technical approaches that have the potential to make a dramatic difference in reducing vulnerabilities – by stopping them before they occur, by finding them before they are exploited or by reducing their impact.
Why buy a book you can download for free?
First you gotta find it and make sure it’s the latest version (not always easy). Then you gotta print it using a network printer you share with 100 other people – and its outta paper – and the toner is low (take out the toner cartridge, shake it, then put it back). If it’s just 10 pages, no problem, but if it’s a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that’s paid $75 an hour has to do this himself (who has assistant’s anymore?).
If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.
It’s much more cost-effective to just order the latest version from Amazon.com
This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 ½ by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB), and is not affiliated with the National Institute of Standards and Technology.
For more titles published by 4th Watch Books, please cybah.webplus.net
A full copy of all the pertinent cybersecurity standards is available on DVD-ROM in the CyberSecurity Standards Library disc which is available at Amazon.com.
NIST SP 500-299 NIST Cloud Computing Security Reference Architecture
NIST SP 500-291 NIST Cloud Computing Standards Roadmap Version 2
NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 1 & 2
NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 3 DRAFT
NIST SP 1800-8 Securing Wireless Infusion Pumps
NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs)
NIST SP 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices
NIST SP 800-177 Trustworthy Email
NIST SP 800-184 Guide for Cybersecurity Event Recovery
NIST SP 800-190 Application Container Security Guide
NIST SP 800-193 Platform Firmware Resiliency Guidelines
NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices
NIST SP 1800-2 Identity and Access Management for Electric Utilities
NIST SP 1800-5 IT Asset Financial Services
NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security
NIST SP 1800-7 Situational Awareness for Electric Utilities
The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known current systems perform increasingly vital tasks and are widely known to possess vulnerabilities. These vulnerabilities are often not easy to discover and difficult to correct. Cybersecurity has not kept pace, and the pace that is needed is rapidly accelerating. The goal of this report is to present a list of specific technical approaches that have the potential to make a dramatic difference in reducing vulnerabilities – by stopping them before they occur, by finding them before they are exploited or by reducing their impact.
Why buy a book you can download for free?
First you gotta find it and make sure it’s the latest version (not always easy). Then you gotta print it using a network printer you share with 100 other people – and its outta paper – and the toner is low (take out the toner cartridge, shake it, then put it back). If it’s just 10 pages, no problem, but if it’s a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that’s paid $75 an hour has to do this himself (who has assistant’s anymore?).
If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.
It’s much more cost-effective to just order the latest version from Amazon.com
This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 ½ by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB), and is not affiliated with the National Institute of Standards and Technology.
For more titles published by 4th Watch Books, please cybah.webplus.net
A full copy of all the pertinent cybersecurity standards is available on DVD-ROM in the CyberSecurity Standards Library disc which is available at Amazon.com.
NIST SP 500-299 NIST Cloud Computing Security Reference Architecture
NIST SP 500-291 NIST Cloud Computing Standards Roadmap Version 2
NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 1 & 2
NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 3 DRAFT
NIST SP 1800-8 Securing Wireless Infusion Pumps
NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs)
NIST SP 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices
NIST SP 800-177 Trustworthy Email
NIST SP 800-184 Guide for Cybersecurity Event Recovery
NIST SP 800-190 Application Container Security Guide
NIST SP 800-193 Platform Firmware Resiliency Guidelines
NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices
NIST SP 1800-2 Identity and Access Management for Electric Utilities
NIST SP 1800-5 IT Asset Financial Services
NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security
NIST SP 1800-7 Situational Awareness for Electric Utilities
66 pages, Paperback
Published November 30, 2016
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
No one has reviewed this book yet.