Threat Modeling - Jim DelGrosso
Threat Modeling, by Jim DelGrosso
The session begins by describing the threat model process we use at Cigital. We will walk through an in-class example applying the process to identify potential flaws in a system.
Learning objectives
+ Describe terminology used when threat modeling
+ Describe a process for threat modeling a system
+ Perform a threat model for some fictitious system
Jim DelGrosso is a Principal Consultant at Cigital with over 30 years of experience working for software development and consulting organizations.
At Cigital, Jim heads up the Architecture Analysis practice with the mission to analyze the architecture and design of systems to identify flaws and provide our customers contextual guidance to remediate or mitigate those flaws.
Видео Threat Modeling - Jim DelGrosso канала secappdev.org
The session begins by describing the threat model process we use at Cigital. We will walk through an in-class example applying the process to identify potential flaws in a system.
Learning objectives
+ Describe terminology used when threat modeling
+ Describe a process for threat modeling a system
+ Perform a threat model for some fictitious system
Jim DelGrosso is a Principal Consultant at Cigital with over 30 years of experience working for software development and consulting organizations.
At Cigital, Jim heads up the Architecture Analysis practice with the mission to analyze the architecture and design of systems to identify flaws and provide our customers contextual guidance to remediate or mitigate those flaws.
Видео Threat Modeling - Jim DelGrosso канала secappdev.org
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Threat Modeling: uncover vulnerabilities without looking at code - Chris Romeo
Value Driven Threat Modeling - Avi Douglen - AppSecUSA 2018
What is Threat Modeling and Why Is It Important?
1. Introduction, Threat Models
The OWASP Top Ten Proactive Controls - Jim Manico
Threat Modeling in 2019
Attack Trees Presentation InfoSec 20/21 UIBK
Stephen De Vries - Threat Modeling With Architectural Risk Patterns - AppSecUSA 2016
APPSEC Cali 2018 - Threat Modeling Toolkit
Threat Modeling 101
Black Hat USA 2010: Elevation of Privilege: The Easy way to Threat Model 2/2
A day in the life of a malware analyst - Didier Stevens
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
July 2017 - Ben Gardiner - Threat Assessment and Attack Trees
Top 10 Cyber Threat Intelligence Tools
Threat Modeling Tool Principles
Threat modeling using STRIDE and Attack Trees
The Web's Security Model in 2017 - Philippe De Ryck
AppSecCali 2019 - Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team
Training session - Threat Modeling by James Bore (1 Jun 2020)