Threat Modeling Cloud Apps - What You Don't Know Will Hurt You

Threat Modeling Cloud Apps - What You Don't Know Will Hurt You

LASCON via YouTube Direct link

Using S3 Storage Use Case

6 of 23

6 of 23

Using S3 Storage Use Case

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Threat Modeling Cloud Apps - What You Don't Know Will Hurt You

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Threat Modeling Cloud Applications - What you Don't Know Will Hurt You
  2. 2 Agenda Cloud Terminology and Background Threat Modeling Basics
  3. 3 NIST Cloud Definition Framework
  4. 4 What is a Threat Model A model of the a software system that depicts
  5. 5 Threat Modeling - High-level process Diagram the System Structure 2 Idently Assets and Security Controls
  6. 6 Using S3 Storage Use Case
  7. 7 Classic Architecture: Primary with DR Site
  8. 8 Cloud Architecture: Augment DR with AWS
  9. 9 Threat Modeling - High-level process 1 Diagram the System Structure 2 Identity Assets and Security Controls
  10. 10 What Does Cloud Do to Our Threat Model?
  11. 11 To the Cloud - New Application Structure
  12. 12 Identify the Assets and Security Controls
  13. 13 AWS Security Control Differences
  14. 14 EC2 Security Groups An EC2 Security Group is a set of ACCEPT firewall
  15. 15 Integration with Enterprise Authentication Stand alone application mechanism means that the user store must be provisioned
  16. 16 Elasticity Drives Change
  17. 17 Most Common AWS Security Credentials Purpose
  18. 18 S3 ACLs and Bucket Policies
  19. 19 Using S3 Drives Design Changes
  20. 20 Cloud "Doomsday" Scenarios to consider Reprioritized or Changed by Cloud
  21. 21 Additional Attackers
  22. 22 Enumeration and Risk Management
  23. 23 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.