Using the Threat Modeling Manifesto to Build an Enterprise Threat Modeling Program

Offered By: LASCON via YouTube

Course Description

Overview

Explore the fundamentals of building an Enterprise-class threat modeling program using the Threat Modeling Manifesto in this 57-minute LASCON conference talk. Learn why threat modeling is crucial in today's security landscape, how to leverage the manifesto created by 15 security experts, and gain practical tips for implementation. Discover the four key questions, benefits, and principles of effective threat modeling. Understand the importance of collaboration, iterative approaches, and the 30-minute rule. Delve into positive patterns, antipatterns, and useful toolkits for choosing a solid process. Learn strategies for embedding threat modeling in your organization, developing threat modeling champions, and teaching the practice. Explore how to adapt methodologies like STRIDE and ASVS, focus on mitigations, adopt the right tool sets, and perform quality checks on threat models.

Syllabus

Introduction
Agenda
The Challenge
The Threat Modeling Manifesto
What is Threat Modeling
Threat Modeling for Everyone
Why Did We Put This Together
The Four Key Questions
Benefits of Threat Modeling
Using the Manifesto
People in Collaboration
Journey of Understanding
Iterative Approach
Threat Modeling
The 30-Minute Rule
The Principles
Outcomes Are Meaningful
Antipatterns
Positive Patterns
Useful Toolkit
Choosing a Solid Process
Embed Threat Modeling
Threat Modeling Champions
Teaching Threat Modeling
Embracing STRIDE
Adapt with ASVS Methodology
Focus on Mitigations
Adopt the Right Tool Sets
Threat Model Quality Checks
Summary

Taught by

LASCON
