YoVDO

Threat Modeling: Information Disclosure in Depth

Offered By: LinkedIn Learning

Tags

Threat Intelligence Courses Cryptography Courses Cloud Security Courses Threat Modeling Courses Secrets Management Courses

Course Description

Overview

Learn about the information disclosure pillar in the STRIDE threat modeling framework. Discover how to preserve the confidentiality of the data, secrets, and other information you store.

Syllabus

Introduction
  • Allow me to disclose something
  • Four-question framework
  • Information disclosure as a part of STRIDE
1. Data at Rest
  • Authorized access
  • Physical layer
  • Metadata
2. Data in Motion
  • Encrypted and unencrypted
  • Metadata in motion
  • Non-internet data
3. Information Disclosure by Processes
  • Intentional disclosure
  • Metadata and security
4. Side Effects
  • Radios: Intentional and accidental
  • Timing
  • Interpretation
5. Disclosure in Certain Technologies
  • Cloud
  • IoT and mobile
  • AI and machine learning
6. Defenses
  • Metadata management
  • Secrets and secrets management
  • Cryptography
Conclusion
  • Next steps

Taught by

Adam Shostack

Related Courses

Applied Cryptography
University of Virginia via Udacity Cryptography II
Stanford University via Coursera Coding the Matrix: Linear Algebra through Computer Science Applications
Brown University via Coursera Cryptography I
Stanford University via Coursera Unpredictable? Randomness, Chance and Free Will
National University of Singapore via Coursera