Application Threat Modeling Implementation Tips and Tricks
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore essential knowledge and valuable tips for designing and implementing application threat modeling in this 51-minute OWASP Foundation talk by Mohamed Alfateh. Learn structured approaches to identify, quantify, and address security risks throughout the SDLC process. Discover best practices for creating data flow diagrams (DFDs) for advanced scenarios, including microservices architecture and client-side frameworks. Gain insights into analyzing DFDs to uncover logical threats, selecting appropriate methodologies, and leveraging threat modeling frameworks. Cover topics such as asset identification, application architecture, communication flows, threat libraries, and risk analysis. Enhance your ability to conduct continuous threat modeling and understand threat agents to improve overall application security.
Syllabus
Introduction
Selection of Methodology
Application Threat Modeling Frameworks
Application Threat Modeling Scope
Asset Identification
Application Architecture
Communication
Data Flow Diagram
Web Application Data
Client Side Code
Connection Flow
Logical Flow
Dataflow Diagram
Threat Identification
Threat Libraries
Continuous Threat Modeling
Stride
Tips
Thread Traceability
Understanding Threat Agents
Risk Analysis
Taught by
OWASP Foundation
Related Courses
Financing and Investing in InfrastructureUniversità Bocconi via Coursera Emergency Management
Open2Study Les principes de la finance
Université catholique de Louvain via edX 《実務・資格講座》新規事業開発スキル (gb008)
CICOM BRAINS via gacco La gestión de los riesgos y la administración de los cambios en el proyecto
University of California, Irvine via Coursera