Threat Modeling - Jim DelGrosso
Threat Modeling, by Jim DelGrosso
The session begins by describing the threat model process we use at Cigital. We will walk through an in-class example applying the process to identify potential flaws in a system.
Learning objectives
+ Describe terminology used when threat modeling
+ Describe a process for threat modeling a system
+ Perform a threat model for some fictitious system
Jim DelGrosso is a Principal Consultant at Cigital with over 30 years of experience working for software development and consulting organizations.
At Cigital, Jim heads up the Architecture Analysis practice with the mission to analyze the architecture and design of systems to identify flaws and provide our customers contextual guidance to remediate or mitigate those flaws.
Видео Threat Modeling - Jim DelGrosso канала secappdev.org
The session begins by describing the threat model process we use at Cigital. We will walk through an in-class example applying the process to identify potential flaws in a system.
Learning objectives
+ Describe terminology used when threat modeling
+ Describe a process for threat modeling a system
+ Perform a threat model for some fictitious system
Jim DelGrosso is a Principal Consultant at Cigital with over 30 years of experience working for software development and consulting organizations.
At Cigital, Jim heads up the Architecture Analysis practice with the mission to analyze the architecture and design of systems to identify flaws and provide our customers contextual guidance to remediate or mitigate those flaws.
Видео Threat Modeling - Jim DelGrosso канала secappdev.org
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Threat Modeling: uncover vulnerabilities without looking at code - Chris RomeoValue Driven Threat Modeling - Avi Douglen - AppSecUSA 2018What is Threat Modeling and Why Is It Important?1. Introduction, Threat ModelsThe OWASP Top Ten Proactive Controls - Jim ManicoThreat Modeling in 2019Attack Trees Presentation InfoSec 20/21 UIBKStephen De Vries - Threat Modeling With Architectural Risk Patterns - AppSecUSA 2016APPSEC Cali 2018 - Threat Modeling ToolkitThreat Modeling 101Black Hat USA 2010: Elevation of Privilege: The Easy way to Threat Model 2/2A day in the life of a malware analyst - Didier StevensIntroduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017July 2017 - Ben Gardiner - Threat Assessment and Attack TreesTop 10 Cyber Threat Intelligence ToolsThreat Modeling Tool PrinciplesThreat modeling using STRIDE and Attack TreesThe Web's Security Model in 2017 - Philippe De RyckAppSecCali 2019 - Threat Model Every Story: Practical Continuous Threat Modeling Work for Your TeamTraining session - Threat Modeling by James Bore (1 Jun 2020)