Overview
Learn about effective threat modeling through a comprehensive conference talk that explores the STRIDE methodology and templating approaches. Discover how to create consistent and repeatable threat modeling processes by leveraging templates, while gaining insights into identifying security threats across six key categories: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Explore practical examples and best practices for implementing STRIDE-based threat modeling in your security assessment workflows, with guidance on customizing templates to meet specific organizational needs and security requirements.
Syllabus
Making Consistent STRIDEs With Threat Modeling Templates - Andrea Jones
Taught by
BSides Bristol