Overview
Explore practical threat modeling techniques for real-world and cloud situations in hybrid and work-from-home environments. Learn a four-stage approach to threat modeling: creating the model, identifying threats, addressing threats, and validating the model. Discover how to set scope, use tools and methodologies, understand current systems, and reflect on measurements. Gain insights into cloud security configurations, shifting to the cloud, and cloud-native scenarios. Apply these concepts to realistic examples and practice threat modeling to improve cyber posture, decrease risk, and integrate security earlier in the software development lifecycle. Examine vulnerabilities from the OWASP Top Ten using DVWA and virtual private cloud setups.
Syllabus
Introduction
Who am I
About Uma
What is Threat Modeling
Why Threat Modeling
How and Engaging
Threat Models
Diamond Threat Model
Big Picture
Identifying Threats
Documentation
Communication
Validation
Mitigations
Acceptance Criteria
Application Architecture
Document
Validate
Taught by
OWASP Foundation