YoVDO

Threat Modeling: Information Disclosure in Depth

Offered By: LinkedIn Learning

Tags

Threat Intelligence Courses Cryptography Courses Cloud Security Courses Threat Modeling Courses Secrets Management Courses

Course Description

Overview

Learn about the information disclosure pillar in the STRIDE threat modeling framework. Discover how to preserve the confidentiality of the data, secrets, and other information you store.

Syllabus

Introduction
  • Allow me to disclose something
  • Four-question framework
  • Information disclosure as a part of STRIDE
1. Data at Rest
  • Authorized access
  • Physical layer
  • Metadata
2. Data in Motion
  • Encrypted and unencrypted
  • Metadata in motion
  • Non-internet data
3. Information Disclosure by Processes
  • Intentional disclosure
  • Metadata and security
4. Side Effects
  • Radios: Intentional and accidental
  • Timing
  • Interpretation
5. Disclosure in Certain Technologies
  • Cloud
  • IoT and mobile
  • AI and machine learning
6. Defenses
  • Metadata management
  • Secrets and secrets management
  • Cryptography
Conclusion
  • Next steps

Taught by

Adam Shostack

Related Courses

Cyber Security Incident Response for Managers
PA Consulting via FutureLearn Manage the cyber threat for finance professionals
ACCA via edX Security in Office 365
Microsoft via edX Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Get Started with Threat Intelligence
Salesforce via Trailhead