Threat-Driven Software Development: Defending online services from modern threat actors

Description

Seasoned security leaders from Microsoft unveil a groundbreaking guide to threat-driven software development for defending online services from modern threat actors

Threat-Driven Software Development: Defending online services from modern threat actors is a practical, field-tested guide authored by Microsoft security leaders Michael Howard, Lee Holmes, Sherrod DeGrippo and Shawn Hernan. Drawing on decades of experience in threat intelligence, red teaming, and secure architecture at scale, the authors describe how to defend against what real adversaries actually do in the field and maps that knowledge through concrete engineering. Grounded in the Microsoft Secure Future Initiative (SFI), and threat intelligence, the book maps attacker behaviors to secure-by-design and secure-by-default principles, identity and secret protection, supply chain and engineering system hardening, isolation, monitoring and detection, and effective red team/response workflows. The book also shows how AI can be applied defensively; augmenting threat modeling, code review, threat detection and response, while helping software teams use AI to ship faster without compromising security. With concise, accessible chapters; each infused with real-world stories and threat intel, readers learn how to prioritize work against nation-state and criminal tradecraft, shape the defensive battlefield, and strengthen the human element. The result is a hands-on playbook that empowers developers and IT professionals to build resilient online services, measurably reduce risk, and stay ahead of modern threat actors.

About This Book

• For software developers, security engineers, and technical leaders seeking a concise, threat-driven playbook to design, build, and operate online services that withstand modern threat actors
• For DevOps and cloud platform teams, architects, and IT professionals looking to prioritize fixes based on risk, harden supply chains and engineering systems, protect identities and secrets, deploy isolation and monitoring, and leverage AI safely

By reading this book, you will:

• Learn how to adapt your systems to support Post Quantum Cryptography
• Learn how adversaries operate to drive concrete defensive decisions across design, coding, testing, deployment, and operations
• Harden your software supply chain and engineering systems, and improve open-source dependency hygiene
• Protect identities and secrets end to end, adopting phishing-resistant multifactor authentication, robust key management, and least-privilege access patterns
• Implement isolation and network guardrails that limit blast radius, contain lateral movement, and keep critical workloads protected
• Establish practical red teaming, incident response, and remediation workflows that create fast feedback loops and measurable risk reduction
• Understand how AI systems are attacked, how adversaries operationalize AI in real campaigns; including how to design, deploy, and defend AI-assisted software safely, as well as how to leverage AI defensively

Sample Content

Table of Contents

Part 1 When Software Meets the Real World

Ch 1 Understanding the Threat Landscape

Ch 2 Security Is More Than One Team

Ch 3 Why Microsoft Adopted SFI

Ch 4 How Operational Security is Different

Ch 5 Understanding the Terrain

Ch 6 Controlling the Terrain

Part 2 The Role of AI in Security

Ch 7 AI Security Backgrounder

Ch 8 How Threat Actors Use AI

Ch 9 Defensive AI

Ch 10 Security Engineering with AI

Part 3 Threats to Systems

Ch 11 Build and Engineering Systems

Ch 12 Identities and Secrets

Ch 13 Production Tenants and Systems

Ch 14 Production Networks

Ch 15 Monitoring, Detecting, and Alerting

Ch 16 Response and Remediation

Ch 17 Product Security

Part 4 Learning from SFI An Implementation Playbook

Ch 18 Crawl, Walk, Run: How to add Security Discipline

Ch 19 Tracking and Quantifying Risk

Ch 20 Reducing Risk

Ch 21 Getting Ahead of Security Vulnerabilities 

Part 5 Some Final Thoughts

Ch 22 Rethinking the Role of C and C++

Ch 23 Are We More Secure Today?

Updates

Submit Errata