Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Adaptive Threat Modeling
- 1 Adaptive Threat Modeling
- 2 If there isn't a reason, stop doing it
- 3 It's the reason you're doing this!
- 4 Security should always come with purpose and intent
- 5 How do we understand threats?
- 6 Threat modeling is a procedure for optimizing network Security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of threats to the s…
- 7 Drawing, documenting, prioritizing
- 8 We're not going to cover methodologies
- 9 Focus on reality
- 10 Clearly define the capabilities of the threat actor
- 11 Understand what the true business impact is
- 12 Threat Event Frequency
- 13 In order to determine risk we need to identify how often
- 14 We can do this with a SIEM
- 15 Or via custom tooling
- 16 Whatever you do, use the data!
- 17 Deliver value, focus, and prioritize
- 18 You have realized that things change
- 19 Start building threat scenarios automatically
- 20 Both predictable and irrational behavior can be modeled
- 21 Think about a series of requests as a state transition
- 22 You can produce Markov chains from behavioral patterns
- 23 Use the request information to produce intended and identifiably malicious transition matrices
- 24 You can take this incredibly far
- 25 Intent and capability are vital to risk analysis
- 26 Using these Markov chains, you can show both
- 27 Once you identify this you can build your threat models in near real time
- 28 This lets you apply controls to scenarios
- 29 Active risk registers tell everyone the story
- 30 It allows you to be in constant communication with the business
- 31 You can't do it all
- 32 Learn to focus on what matters