YoVDO

Threat Modeling: Information Disclosure in Depth

Offered By: LinkedIn Learning

Tags

Threat Intelligence Courses Cryptography Courses Cloud Security Courses Threat Modeling Courses Secrets Management Courses

Course Description

Overview

Learn about the information disclosure pillar in the STRIDE threat modeling framework. Discover how to preserve the confidentiality of the data, secrets, and other information you store.

Syllabus

Introduction
  • Allow me to disclose something
  • Four-question framework
  • Information disclosure as a part of STRIDE
1. Data at Rest
  • Authorized access
  • Physical layer
  • Metadata
2. Data in Motion
  • Encrypted and unencrypted
  • Metadata in motion
  • Non-internet data
3. Information Disclosure by Processes
  • Intentional disclosure
  • Metadata and security
4. Side Effects
  • Radios: Intentional and accidental
  • Timing
  • Interpretation
5. Disclosure in Certain Technologies
  • Cloud
  • IoT and mobile
  • AI and machine learning
6. Defenses
  • Metadata management
  • Secrets and secrets management
  • Cryptography
Conclusion
  • Next steps

Taught by

Adam Shostack

Related Courses

Proactive Computer Security
University of Colorado System via Coursera Security in Office 365
Microsoft via edX Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Cyber Threat Intelligence
IBM via Coursera Security Analyst Fundamentals
IBM via Coursera