Skip to Main Content
Learn for less: Save 25% on high-quality instructor-led and self-paced foundation training. Find out more

Sorry, the page you're looking for cannot be found

 You may not have been able to visit your page because of:

   1. An out-of-date bookmark/favourite
   2. A search engine that has an out-of-date listing
   3. A mistyped address
   4. You don't have access to this page
   5. The requested resource was not found
   6. An error has occurred whilst processing your request

Are you looking for:

LMS_IndividualLicenseCourseBookingConfirmationEmail
How to access your staff awareness course(s)
Stripe.Subscription.DeleteRecurringItemAlert
Delete Recurring Item Alert
Stripe.Subscription.DeleteRecurringItemConfirmation
Delete Recurring Item Confirmation
Agile - An Executive guide, Second edition
Overview

The true power of Agile methods is not technology; it is business value generation.

Use Agile methods to turn your IT challenges into high-value returns

All too often, IT solutions are plagued by budget overruns, missed deadlines, low-quality outputs and dissatisfied users. Agile methods are proven, common-sense approaches for substantially increasing the relevance, quality, flexibility and bottom-line business value of your software solutions.


Quantify and measure the benefits that Agile methods can deliver to your organisation.

Agile methodologies such as Scrum, DSDM, FDD, Lean, XP and Kanban, are proven approaches for applying the finite resources of an organisation to deliver high business-value software solutions on time and within allocated budgets.

These methodologies protect organisations from wasting their IT budgets by replacing large upfront financial commitments with incremental investment based on the ongoing business value of the delivered software. They encourage ongoing collaboration with key stakeholders, empower staff to regularly deliver fully functional and fully tested capabilities, and ensure that the IT solutions delivered are responsive to ongoing organisational and market changes.


Read this guide and:

  • Understand the ten core business benefits of Agile and how they can significantly improve your organisation.
  • At the heart of Agile methods are ten core business benefits that enable organisations to maximise their IT investments, including better risk management, ongoing control of budget expenditure, better alignment with business requirements and substantially higher quality IT solutions. Agile: An Executive Guide details each of these benefits from a strategic senior management perspective and identifies which of the most popular Agile methods do (and do not) deliver these benefits.

  • Identify which Agile methods align with the specific needs of your organisation and your projects.
  • Agile: An Executive Guide provides you with tools to assess your organisational culture, structure and dynamic in order to determine whether Agile methods are suitable to your specific needs, and to select those Agile methods that are the best fit for your organisation and your projects.

  • Get the essential information you need to successfully implement Agile within your organisation.
  • Agile: An Executive Guide is full of practical advice, including detailed guidelines to help you choose the right kick-off point for Agile within your organisation, avoid common traps, monitor and measure your investment, and broaden the use of Agile methods into other areas of your organisation. It includes step-by-step guidelines, interactive tools and targeted questionnaires to help you and your staff successfully implement these methods.

Agile: An Executive Guide describes Agile methods in clear business language specifically written for professionals. It will help you make realistic business-driven decisions on whether Agile methods are appropriate for your organisation; whether you are looking to reduce your IT overheads, provide better software solutions to your clients, or have more control over your IT expenditures. This guide provides practical, proven ways to introduce, incorporate and leverage Agile methods to maximise your business returns.

Agile methods have been helping organisations turn their IT overheads into high-value returns for over 20 years. Buy this pocket guide today and turn your IT budgets into real, measurable, high-value results for your organisation.

About the author

Jamie Lynn Cooke

Jamie Lynn Cooke has 25 years of experience as a senior business analyst, project manager and solutions consultant, working with over 130 public and private sector organisations throughout Australia, Canada and the United States.

Jamie has been working hands-on with Agile methods since 2003, and has researched hundreds of books and articles on Agile topics. She is a signatory to the Agile Manifesto, has attended numerous Agile seminars, and has worked with prominent consultants to promote Agile methods to numerous organisations worldwide.

She is also a well-regarded speaker on both business and technology topics, most recently presenting on topics such as Getting Management and Customer Support for Using Agile and When is Agile Not the Answer? at the Business Process Modelling World Conference in Brisbane, Australia and at the AgileCanberra professional forums.

Application Security in the ISO 27001 2013 Environment - Second edition
Overview

Web application security as part of an ISO 27001-compliant information security management system

Web application vulnerabilities are a common point of intrusion for cyber criminals. As cyber security threats proliferate and attacks escalate, and as applications play an increasingly critical role in business, organisations urgently need to focus on web application security to protect their customers, their interests and their assets.

Although awareness of the need for web application security is increasing, security levels are nowhere near enough: according to the 2015 Trustwave Global Security Report, 98% of tested web applications were vulnerable to attack.

SMEs in particular should be very concerned about web application security: many use common, off-the-shelf applications and plugins – such as Internet Explorer, Java, Silverlight, and Adobe Reader and Flash Player – which often contain exploitable vulnerabilities.

Application Security in the ISO 27001:2013 Environment explains how organisations can implement and maintain effective security practices to protect their web applications – and the servers on which they reside – as part of a wider information security management system by following the guidance set out in the international standard for information security management, ISO 27001.

The book describes the methods used by criminal hackers to attack organisations via their web applications and provides a detailed explanation of how you can combat such attacks by employing the guidance and controls set out in ISO 27001.


Product overview

  • Second edition, updated to reflect ISO 27001:2013 as well as best practices relating to cryptography, including the PCI SSC’s denigration of SSL in favour of TLS.
  • Provides a full introduction to ISO 27001 and information security management systems, including implementation guidance.
  • Describes risk assessment, management and treatment approaches.
  • Examines common types of web app security attack, including injection attacks, cross-site scripting, and attacks on authentication and session management, explaining how each can compromise ISO 27001 control objectives and showing how to test for each attack type.
  • Discusses the ISO 27001 controls relevant to application security.
  • Lists useful web app security metrics and their relevance to ISO 27001 controls.
  • Provides a four-step approach to threat profiling, and describes application security review and testing approaches.
  • Sets out guidelines and the ISO 27001 controls relevant to them, covering:
    • input validation
    • authentication
    • authorisation
    • sensitive data handling and the use of TLS rather than SSL
    • session management
    • error handling and logging
  • Describes the importance of security as part of the web app development process
About the author

Vinod Vasudevan

Vinod Vasudevan, CISSP, is the chief technology officer (CTO) at Paladion. Before co-founding Paladion, Vinod worked with Microsoft. He wrote the chapter ‘Application Security and ISO27001’.

Anoop Mangla

Anoop Mangla is a risk specialist in banking and finance, and an expert on the effectiveness of security technologies in organisations’ security. He wrote the chapter ‘Introduction to Application Security Threats’.

Firosh Ummer

Firosh Ummer, CISA, ISO27001 LA, CBCP, BS15000 LA, is co-founder of Paladion and head of the ISO 27001 consulting practice. Firosh wrote the chapter ‘Threat Profiling and Security Testing’.

Sachin Shetty

Sachin Shetty, CISSP, is a senior application security engineer with Paladion. He wrote the chapter ‘Attacks on Applications’.

Sangita Pakala

Sangita Pakala, GCIH, is Head of Application Security Projects at Paladion. She wrote the chapter ‘Secure Development Lifecycle’.

Siddharth Anbalahan

Siddharth Anbalahan is a senior application security engineer. He has developed anti-phishing toolkits to enable banks to detect phishing attacks in real time. Siddharth wrote the chapter ‘Secure Coding Guidelines’.

This website uses cookies. View our cookie policy
SAVE 25% ON
FOUNDATION TRAINING
Loading...