Completed
If there isn't a reason, stop doing it
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Adaptive Threat Modeling
Automatically move to the next video in the Classroom when playback concludes
- 1 Adaptive Threat Modeling
- 2 If there isn't a reason, stop doing it
- 3 It's the reason you're doing this!
- 4 Security should always come with purpose and intent
- 5 How do we understand threats?
- 6 Threat modeling is a procedure for optimizing network Security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of threats to the s…
- 7 Drawing, documenting, prioritizing
- 8 We're not going to cover methodologies
- 9 Focus on reality
- 10 Clearly define the capabilities of the threat actor
- 11 Understand what the true business impact is
- 12 Threat Event Frequency
- 13 In order to determine risk we need to identify how often
- 14 We can do this with a SIEM
- 15 Or via custom tooling
- 16 Whatever you do, use the data!
- 17 Deliver value, focus, and prioritize
- 18 You have realized that things change
- 19 Start building threat scenarios automatically
- 20 Both predictable and irrational behavior can be modeled
- 21 Think about a series of requests as a state transition
- 22 You can produce Markov chains from behavioral patterns
- 23 Use the request information to produce intended and identifiably malicious transition matrices
- 24 You can take this incredibly far
- 25 Intent and capability are vital to risk analysis
- 26 Using these Markov chains, you can show both
- 27 Once you identify this you can build your threat models in near real time
- 28 This gives you apply controls to scenarios
- 29 Active risk registers tell everyone the story
- 30 It allows you to be in constant communication with the business
- 31 You can't do it all
- 32 Learn to focus on what matters
