Bringing Rapid Prototyping to the Threat Model Process
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the Rapid Threat Model Prototyping (RTMP) process in this 34-minute OWASP Global AppSec Tel Aviv conference talk. Learn how to accelerate software threat analysis tenfold in fast-paced Agile/DevOps environments. Discover techniques for building security into software design, identifying high-threat areas, and removing flaws before coding begins. Gain insights into just-in-time design processes, automated analysis workflows, and effective threat modeling strategies. Understand the challenges of traditional threat modeling in continuous integration environments and how RTMP addresses these issues. Delve into topics such as security frameworks, mitigations, dataflow diagrams, and mitigation patterns to enhance your approach to software security.
Syllabus
Introduction
Who am I
How projects go nuclear
Visa
What Should Threat Modeling Do
Flaws vs Bugs
Solution Design
Security Framework
Mitigations
Dataflow Diagrams
The Final Sprint
Emergent Design
Open Sam
Rapid Prototype
Rapid Prototyping
Planning
Data Flow Diagram
Project Overview
Elevation of Privilege
Sprint Zero
Example
Defense
Rule of Thumb
Ranking Components
Create
Rules
Zone Math
State Case
Mitigation Patterns
Taught by
OWASP Foundation
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube