Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Threat Modeling Toolkit

OWASP Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the fundamentals of threat modeling in software development through this 49-minute conference talk from APPSEC Cali 2018. Delve into the essential components of effective threat modeling, including structuring potential attacks, identifying bad actors, and implementing countermeasures. Learn how to apply these concepts using a cryptocurrency ecosystem as a practical example. Gain insights from Jonathan Marcil, an Application Security Engineer at Twitch, as he shares his expertise in architecture analysis, code review, and security tool evaluation. Discover the importance of early security analysis in the development process and how threat modeling can improve communication within teams. Examine various tools and techniques, such as DFG diagrams, flow diagrams, and attack trees, to enhance your threat modeling skills. Benefit from Marcil's extensive experience in Information Technology and Security as you explore this crucial aspect of application security.

Syllabus

Introduction
Background
Threat Modeling Experience
What is Threat Modeling
Train Intelligence
Why do Threat Modeling
Lack of Communication
Communication
Tools
DFG Diagram
Not an architectural document
Flow diagram
Mobile app
Electron Wallet
Exchange
Blockchain Integration
Extended Set
Domain Real Life
Graph
Labels
Errors
Target Visuals
JSONRPC Vulnerability
Note
Security Control Checklist
Questions
Architecture
Attack Tree
Spy
Privacy
Balance
WebEx
Whiteboard
Plans UML
Parse
Conclusion
Modeling Panels

Taught by

OWASP Foundation

Reviews

Start your review of Threat Modeling Toolkit

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.