Threat Modeling: Information Disclosure in Depth
Offered By: LinkedIn Learning
Course Description
Overview
Learn about the information disclosure pillar in the STRIDE threat modeling framework. Discover how to preserve the confidentiality of the data, secrets, and other information you store.
Syllabus
Introduction
- Allow me to disclose something
- Four-question framework
- Information disclosure as a part of STRIDE
- Authorized access
- Physical layer
- Metadata
- Encrypted and unencrypted
- Metadata in motion
- Non-internet data
- Intentional disclosure
- Metadata and security
- Radios: Intentional and accidental
- Timing
- Interpretation
- Cloud
- IoT and mobile
- AI and machine learning
- Metadata management
- Secrets and secrets management
- Cryptography
- Next steps
Taught by
Adam Shostack
Related Courses
Microsoft Azure for Node.js Developers - Building Secure Services and ApplicationsPluralsight Configuring and Managing Microsoft Azure Key Vault
Pluralsight Getting Started with HashiCorp Vault
Pluralsight Installing and Configuring HashiCorp Vault
Pluralsight Managing Access and Secrets in HashiCorp Vault
Pluralsight