Topics of Interest - Agile Threat Modeling with Open-Source Tools

Topics of Interest - Agile Threat Modeling with Open-Source Tools

OWASP Foundation via YouTube Direct link

Intro

1 of 28

1 of 28

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Topics of Interest - Agile Threat Modeling with Open-Source Tools

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Threat Models as Code?
  3. 3 Benefits of Code
  4. 4 Drawbacks of Code
  5. 5 Threagile - Agile Threat Modeling Toolkit
  6. 6 First Steps with Threagile Create either a minimal stub model or a filed example model
  7. 7 Example Model: Data Assets
  8. 8 Example Model: Communication Links
  9. 9 Example Model: Trust Boundaries
  10. 10 Execute a Threagile Run Processes the YAML model file
  11. 11 Model Graph Generation (Data Flows)
  12. 12 PDF & Excel Report Generation
  13. 13 STRIDE Classification of Risks
  14. 14 Assignment by Function
  15. 15 Relative Attacker Attractiveness (RAA)
  16. 16 Data Breach Probabilities (DBP)
  17. 17 Risk Mitigation Recommendations
  18. 18 Risk Instances by vulnerability & by tech as
  19. 19 Detail Results as JSON
  20. 20 Risk Rules -40 and constantly growing
  21. 21 Custom Risk Rules (plugin interface)
  22. 22 Editing Support in IDES Schema for YAML input available Enables syntax validation error flagging & auto-completion
  23. 23 Risk Tracking inside YAML file by Risk-1
  24. 24 What About Bigger Models?
  25. 25 Model Macros: Interactive Wizards Interactive wizards reading existing models and modify/enhance them
  26. 26 GitHub Integration (as workflow action)
  27. 27 Possible Effects
  28. 28 Upcoming Features currently in developme

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.