Performing Threat Modeling with the Microsoft Threat Modeling Methodology
|
Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you’ll learn techniques for threat modeling, before it’s too late.
Finding security bugs after the software has been built can lead to two things: exploitation of the bug in the wild, or spending a fortune to fix it. In this course, Performing Threat Modeling with the Microsoft Threat Modeling Methodology, you will gain the ability to analyze your software and find threats to it before any line of code is written. First, you will learn how to diagram an application to clearly show how all of its parts work together. Next, you will discover how to use diagrams to find threats using techniques such as STRIDE. Finally, you will explore how to document and mitigate threats to your software. When you’re finished with this course, you will have the skills and knowledge of threat modeling needed to anticipate threats and deal with them before they cause damage.
Author Name: Justin Boyer
Author Description:
Justin Boyer writes copy and content for tech companies. He started his IT career as a software developer, then moved into application security, becoming Security+ and CSSLP certified. After almost a decade in the tech industry building desktop, mobile, web, and cloud-based applications, Justin has launched a tech writing business to help software and security companies sell their products and services.
Table of Contents
- Course Overview
1min - Introduction
5mins - Bringing Threat Modeling to Your Organization
20mins - Building the Foundation – Diagramming the Application
19mins - Finding Threats Using STRIDE
19mins - Finding Threats with Alternative Methods
9mins - Documenting Threats
9mins - Dealing with Threats
13mins - Wrapping Up
7mins
User Reviews
Be the first to review “Performing Threat Modeling with the Microsoft Threat Modeling Methodology”
Related Products
Physical Security
Most information security professionals find the domain of physical security to be one of their hardest areas. This course outlines the concepts of physical security and will help you understand physical security requirements and implementation.
The IT Ops Sessions: Zero Trust Technologies – Designing and Deploying Microsegmentation
In this IT Ops session, you’ll learn to design and deploy microsegmentation throughout your enterprise.
Credential Access with John the Ripper
John the Ripper (JtR) is widely used within red team assessments. Learn how to leverage the powerful capabilities of JtR to crack passwords of various hash types and use JtR within Metasploit.
Getting Started with OAuth 2.0
OAuth 2.0 is the go-to solution for API security, bringing authorization and delegation to modern HTTP APIs. In this course, you'll learn the fundamentals of OAuth, allowing you to architect and implement the right solution for your requirements.
Maintaining Deployment Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to maintain the security of your deployed resources in Azure.
Collection with PowerSploit
In this course, we'll explore the language of logic and deductive reasoning. Completing this course will grant you the knowledge needed to make better decisions.
There are no reviews yet.