Explore practical threat modeling techniques for real-world and cloud situations in hybrid and work-from-home environments. Learn a four-stage approach to threat modeling: creating the model, identifying threats, addressing threats, and validating the model. Discover how to set scope, use tools and methodologies, understand current systems, and reflect on measurements. Gain insights into cloud security configurations, shifting to the cloud, and cloud-native scenarios. Apply these concepts to realistic examples and practice threat modeling to improve cyber posture, decrease risk, and integrate security earlier in the software development lifecycle. Examine vulnerabilities from the OWASP Top Ten using DVWA and virtual private cloud setups.
Practical Threat Modeling for Real-World and Cloud Situations in Hybrid Work Environments
Overview
Syllabus
Introduction
Who am I
About Uma
What is Threat Modeling
Why Threat Modeling
How and Engaging
Threat Models
Diamond Threat Model
Big Picture
Identifying Threats
Documentation
Communication
Validation
Mitigations
Acceptance Criteria
Application Architecture
Document
Validate
Taught by
OWASP Foundation
Related Courses
-
Practical Threat Modeling with Microsoft's Threat Modeling Tool 2016
-
Designing Security and Privacy - A Developer's Guide to Threat Modeling with OWASP SAMM
-
Layered Threat Modeling: An Architectural Approach
-
Threat Modeling for Developers
-
Threat Modeling of Containerized Applications - Three Levels of Complexity
-
Automating Architectural Risk Analysis with Open Threat Model Format
