Mark S. Merkow, CISSP, CISM, CSSLP, works at WageWorks in Tempe, Arizona, leading application security architecture and engineering efforts in the office of the CISO. Mark has over 40 years of experience in IT in a variety of roles, including application development, systems analysis and design, security engineering, and security management. Mark holds a Master of Science in Decision and Information Systems from Arizona State University (ASU), a Master of Education in Distance Education from ASU, and a Bachelor of Science in Computer Information Systems from ASU. In addition to his day job, Mark engages in a number of extracurricular activities, including consulting, course development, online course instruction, and book writing. Mark has authored or co-authored 17 books on IT and has been a contributing editor to four others. Mark remains very active in the information security community, working in a variety of volunteer roles for the Phoenix Chapter of (ISC)2®, ISACA®, and OWASP. You can find Mark’s LinkedIn® profile at: linkedin.com/in/markmerkow
Modern software development breaks the old ways of security. This book is practical, actionable, relatable, and most importantly, current. It should be required reading for all Agile and DevOps teams.-Ed Adams, Chief Executive Officer, Security Innovation, Inc. Modern software development breaks the old ways of security. This book is practical, actionable, relatable, and most importantly, current. It should be required reading for all Agile and DevOps teams.-Ed Adams, Chief Executive Officer, Security Innovation, Inc. Secure, Resilient, and Agile Software development is in touch with where the modern software development world is today and highlights the importance of security in a DevOps world. Mark captures the essence of how to educate developers and connect with them as Security Champions and the importance of a strong organizational security culture. Education, requirements, secure design principles, threat modeling, defensive programming, testing, code review, tools, and metrics; this book has it all. This book is a reference for those starting new programs, and for established programs that need new ideas.-Chris Romeo, CEO of Security Journey, co-host of the Application Security Podcast