Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Bringing Rapid Prototyping to the Threat Model Process

OWASP Foundation via YouTube

Overview

Explore the Rapid Threat Model Prototyping (RTMP) process in this 34-minute OWASP Global AppSec Tel Aviv conference talk. Learn how to accelerate software threat analysis tenfold in fast-paced Agile/DevOps environments. Discover techniques for building security into software design, identifying high-threat areas, and removing flaws before coding begins. Gain insights into just-in-time design processes, automated analysis workflows, and effective threat modeling strategies. Understand the challenges of traditional threat modeling in continuous integration environments and how RTMP addresses these issues. Delve into topics such as security frameworks, mitigations, dataflow diagrams, and mitigation patterns to enhance your approach to software security.

Syllabus

Introduction
Who am I
How projects go nuclear
Visa
What Should Threat Modeling Do
Flaws vs Bugs
Solution Design
Security Framework
Mitigations
Dataflow Diagrams
The Final Sprint
Emergent Design
Open Sam
Rapid Prototype
Rapid Prototyping
Planning
Data Flow Diagram
Project Overview
Elevation of Privilege
Sprint Zero
Example
Defense
Rule of Thumb
Ranking Components
Create
Rules
Zone Math
State Case
Mitigation Patterns

Taught by

OWASP Foundation

Reviews

Start your review of Bringing Rapid Prototyping to the Threat Model Process

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.