Threat Modeling: uncover vulnerabilities without looking at code - Chris Romeo
Threat modeling is an approach for analyzing the security of an application. Threat modeling is a learned security skill where developers find security issues and mitigate the problems before writing a single line of code. Threat modeling consists of drawing a simple data flow diagram, analyzing the design for security threats using STRIDE, and mitigation of any found issues. The Instructor surveys available threat modeling tools that participants could use within their organizations to perform threat modeling.
This session begins with a short lecture covering the basics of threat modeling and the steps for successful threat modeling. Participants perform threat modeling on whiteboards in small teams for the majority of the session. At the conclusion, participants share their findings.
NDC Conferences
https://ndctechtown.com
https://ndcconferences.com
Видео Threat Modeling: uncover vulnerabilities without looking at code - Chris Romeo канала NDC Conferences
This session begins with a short lecture covering the basics of threat modeling and the steps for successful threat modeling. Participants perform threat modeling on whiteboards in small teams for the majority of the session. At the conclusion, participants share their findings.
NDC Conferences
https://ndctechtown.com
https://ndcconferences.com
Видео Threat Modeling: uncover vulnerabilities without looking at code - Chris Romeo канала NDC Conferences
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
OWASP Based Threat Modelling: Creating A Feedback Model In An Agile Environment - Chaitanya BhattArchitecture: The Stuff That's Hard to Change - Dylan BeattieSomething Something Security - Troy HuntA Cloud Security Architecture WorkshopThe Cycle of Cyber Threat IntelligenceTell Me About Yourself - A Good Answer to This Interview QuestionVisualise, document and explore your software architecture - Simon BrownThreat Intelligence At Microsoft: A Look Inside - Cyber Threat Intelligence Summit 20171. Introduction, Threat ModelsThe End of the Universe - with Geraint LewisThreat Modeling in 2019Demystifying 5G Security through Threat ModelingMichael Feathers Working Effectively with Legacy CodeExploiting Network PrintersThreat Modeling - Jim DelGrossoThreat Modeling Exercise: EOP Card GameContent Security Policy (CSP) | What is the difference between CORS and CSP?Fuzzing with AFL - Erlend OftedalIT-SECX 2019 | Keynote - Adam Shostack: Threat Modeling Lessons from Star WarsThreat Modeling 101