Threat Modelling Stories from the Trenches
Offered By: LASCON via YouTube
Course Description
Overview
Explore real-world threat modeling case studies in this 51-minute LASCON conference talk. Gain insights into the practical application of threat modeling by examining design flaws uncovered in various domains, including online gaming, two-factor authentication, business-to-business, embedded systems, and cloud computing. Participate in an interactive session that focuses on real-world mistakes, reinforcing secure design principles and attack patterns. Learn how to bridge the gap between theory and practice by analyzing anonymized systems and their vulnerabilities. Discover the threat modeling mindset and its effectiveness in identifying software design defects across different scenarios.
Syllabus
Introduction
About me
Methodology
Design Flaws
App Check
What we learned
Stepup Authentication
Authentication Layer
Attack Scenarios
Link between the two
Flow modeling
Responsibilities
Cookies
Passwords
Change
Deployment Scenarios
Playing Well with Others
Do You Prevent This
Lessons
Taught by
LASCON
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network