Performing Threat Modeling with the Microsoft Threat Modeling Methodology
Offered By: Pluralsight
Course Description
Overview
Tired of finding security bugs after the code is written? Finding bugs late is dangerous and expensive. In this course, you'll learn techniques for threat modeling, before it's too late.
Finding security bugs after the software has been built can lead to two things: exploitation of the bug in the wild, or spending a fortune to fix it. In this course, Performing Threat Modeling with the Microsoft Threat Modeling Methodology, you will gain the ability to analyze your software and find threats to it before any line of code is written. First, you will learn how to diagram an application to clearly show how all of its parts work together. Next, you will discover how to use diagrams to find threats using techniques such as STRIDE. Finally, you will explore how to document and mitigate threats to your software. When you’re finished with this course, you will have the skills and knowledge of threat modeling needed to anticipate threats and deal with them before they cause damage.
Topics:
Finding security bugs after the software has been built can lead to two things: exploitation of the bug in the wild, or spending a fortune to fix it. In this course, Performing Threat Modeling with the Microsoft Threat Modeling Methodology, you will gain the ability to analyze your software and find threats to it before any line of code is written. First, you will learn how to diagram an application to clearly show how all of its parts work together. Next, you will discover how to use diagrams to find threats using techniques such as STRIDE. Finally, you will explore how to document and mitigate threats to your software. When you’re finished with this course, you will have the skills and knowledge of threat modeling needed to anticipate threats and deal with them before they cause damage.
Topics:
- Course Overview
- Introduction
- Bringing Threat Modeling to Your Organization
- Building the Foundation - Diagramming the Application
- Finding Threats Using STRIDE
- Finding Threats with Alternative Methods
- Documenting Threats
- Dealing with Threats
- Wrapping Up
Taught by
Justin Boyer
Related Courses
Менеджмент информационной безопасностиHigher School of Economics via Coursera Planning a Security Incident Response
Microsoft via edX Identifying Security Vulnerabilities
University of California, Davis via Coursera Secure Coding Practices
University of California, Davis via Coursera Atlas Security
MongoDB University