YoVDO

Threat Modelling Stories from the Trenches

Offered By: LASCON via YouTube

Tags

LASCON Courses Cybersecurity Courses Threat Modeling Courses

Course Description

Overview

Explore real-world threat modeling case studies in this 51-minute LASCON conference talk. Gain insights into the practical application of threat modeling by examining design flaws uncovered in various domains, including online gaming, two-factor authentication, business-to-business, embedded systems, and cloud computing. Participate in an interactive session that focuses on real-world mistakes, reinforcing secure design principles and attack patterns. Learn how to bridge the gap between theory and practice by analyzing anonymized systems and their vulnerabilities. Discover the threat modeling mindset and its effectiveness in identifying software design defects across different scenarios.

Syllabus

Introduction
About me
Methodology
Design Flaws
App Check
What we learned
Stepup Authentication
Authentication Layer
Attack Scenarios
Link between the two
Flow modeling
Responsibilities
Cookies
Passwords
Change
Deployment Scenarios
Playing Well with Others
Do You Prevent This
Lessons


Taught by

LASCON

Related Courses

Менеджмент информационной безопасности
Higher School of Economics via Coursera
Planning a Security Incident Response
Microsoft via edX
Identifying Security Vulnerabilities
University of California, Davis via Coursera
Secure Coding Practices
University of California, Davis via Coursera
Atlas Security
MongoDB University