Cloud Threat Modeling - From Architecture Design to Application Development
Offered By: RSA Conference via YouTube
Course Description
Overview
Syllabus
Intro
Why Threat Modeling?
Threat Modeling (System/Software Centric)
Attack Modeling (Attack Centric)
What To Consider When Threat Modeling
There are Five Major Threat Modeling Steps
Threat Modeling (with Common Attacks)
Threat Modeling (Attack Tree Example)
Home Alone Attack Tree (Example) - Continued
Simple Threat Model (Trojan Threat Model Example)
STRIDE Threat Categories
Cloud Security Alliance's Top Threats Working Group
Cloud Controls Matrix (CCM) 4.0 CCM
CSA Top Threats Cloud Threat Modeling
Cloud Threat Modeling Cards
TT:DD Case Study Scenario - Dow Jones 2019
Cloud Threat Modeling Asset Provenance & Pedigree
Same Elasticsearch "Product"; Different Vulnerabilities
Threat Modeling Consistency
Naming Threats
How To Apply What We Have Covered
Taught by
RSA Conference
Related Courses
Software Security: Keeping Pace with Rapid DevelopmentChariotSolutions via YouTube ICS OSINT - An Attacker’s Perspective
RSA Conference via YouTube Open Source Tooling for Threat Analysis and Attack Surface Management
RSA Conference via YouTube Payload Delivery for Initial Access in Red Team Engagement
Hack In The Box Security Conference via YouTube Manage Your Attack Surface on a Budget
BSidesLV via YouTube