Application Threat Modeling Implementation Tips and Tricks

Overview

Explore essential knowledge and valuable tips for designing and implementing application threat modeling in this 51-minute OWASP Foundation talk by Mohamed Alfateh. Learn structured approaches to identify, quantify, and address security risks throughout the SDLC process. Discover best practices for creating data flow diagrams (DFDs) for advanced scenarios, including microservices architecture and client-side frameworks. Gain insights into analyzing DFDs to uncover logical threats, selecting appropriate methodologies, and leveraging threat modeling frameworks. Cover topics such as asset identification, application architecture, communication flows, threat libraries, and risk analysis. Enhance your ability to conduct continuous threat modeling and understand threat agents to improve overall application security.

Syllabus

Introduction
Selection of Methodology
Application Threat Modeling Frameworks
Application Threat Modeling Scope
Asset Identification
Application Architecture
Communication
Data Flow Diagram
Web Application Data
Client Side Code
Connection Flow
Logical Flow
Dataflow Diagram
Threat Identification
Threat Libraries
Continuous Threat Modeling
Stride
Tips
Thread Traceability
Understanding Threat Agents
Risk Analysis

Taught by

OWASP Foundation

Reviews

Start your review of Application Threat Modeling Implementation Tips and Tricks

From Zero to Cybersecurity Analyst

Most common

Popular subjects

Popular courses

Application Threat Modeling Implementation Tips and Tricks

Overview

Syllabus

Taught by

Reviews

From Zero to Cybersecurity Analyst

Taught by

Threat Modeling Security Fundamentals

Is Threat Modeling for Me

Practical Threat Modeling with Microsoft's Threat Modeling Tool 2016

Threat Modeling - A Brief History and the Unified Approach at Intuit

Iterative Threat Modelling - Security in Agile Development

Threat Modeling Toolkit

Never Stop Learning.