Get Free Shipping on orders over $0
Secure Engineering : ISO 27001 for Software Companies, #3 - Harald Messemer

Secure Engineering

ISO 27001 for Software Companies, #3

By: Harald Messemer

eBook | 29 May 2026

At a Glance

eBook


$39.99

or 4 interest-free payments of $10.00 with

 or 

Instant Digital Delivery to your Kobo Reader App

Security controls only work in software companies when they become part of how engineers design, build, test, and ship. Volume 2 translates ISO/IEC 27001:2022 into day-to-day engineering practices, so your ISMS strengthens delivery instead of slowing it down.

What you'll get:
- Secure SDLC patterns that work in agile teams (standards, reviews, guardrails)
- CI/CD + build hardening, including source code and artifact integrity
- Practical AppSec testing strategy (where SAST/DAST/IAST fits, and where it doesn't)
- Supply-chain risk management for dependencies and third-party components
- Secrets + key management, and access control for developer tooling
- Vulnerability management loop tied to risk treatment and measurable remediation

What it helps you produce: engineering-friendly standards, repeatable controls, and evidence that is generated by your delivery pipeline — not by manual "compliance chores".

Typical questions this volume answers:
- What does "secure by default" look like in agile teams that ship weekly or daily?
- How do we harden CI/CD and protect source code + build artifacts?
- Where do SAST/DAST/IAST fit (and where do they create noise)?
- How do we treat software supply chain risk in a way that auditors accept?

Who it's for: engineering and security teams that want "secure by default" delivery with auditable evidence.

on

More in Data Encryption

From Boardroom to Build
 - Carlos Cabrera

eBOOK

RRP $16.49

$15.99