STRIDE Threat Modeling for Beginners - In 20 Minutes

Показать описание

If I could save a company a million dollars on their security budget every year, this is how I'd do it! While most people don't think of threat modeling as the sexiest exercise, it can actually be pretty exciting. Trust me when I say this, I wish I had learned how to do threat modeling much earlier when I was first starting out in consulting and bug hunting. It would have saved a lot of time, and made my clients happier too! Now, if you want to learn how to make one yourself to save you time, a headache, and money; then that's what we're going to get into today.

#threatmodeling #ethicalhacking #infosec #cybersecurity #redteam #webapp

Рекомендации по теме

Комментарии

<3
The excel sheet for Stride/pasta, strengths/weaknesses on the different trust boundaries made it make a lot more sense while studying. tysm <3

PaigeHokanson-zg

Really good for starting thread modeling.

hojatsajadinia

This is the most useful video on threat modeling on the internet! thank you for making it!

DebasishMandal

The information you get from this video is a solid introduction. Great job!!! Thank you.

Digi-qb

A great introduction to beginners. I learned a lot. Thank you!

adansko

Thanks. The video helped me understand the threat modelling concept better.

jerryb

Great explanation and example. Thanks!

Stew

Thanks for sharing your knowledge on this, I am studying for CISSP and your video has helped me understand how a Threat Modelling exercise is actually done.

borroms

Thanks! awesome demonstration on how to perform Threat Modeling.

eilonc

this awesome. hoping you make one more complex as well !

nojozol

@11:42 minutes, you mentioned PASTA, can you please make a video about PASTA vs STRIDE and other threat modelling approaches?

papoy

Would you define trust boundries around every single "node" if you are to follow the Zero Trust framework?

TejasJain

Nicely explanation, I have one question, why you are doing this in manually, there is a tool from Microsoft. That tool will do all things automatically for you. Any specific reason you do this manually?

DontFookGaming

Maybe I'm just blind but I don't see the completed threat model report in the description? :(

MikeAdams

STRIDE Threat Modeling for Beginners - In 20 Minutes

STRIDE Threat Modeling for Beginners - In 20 Minutes

STRIDE Threat Modeling using Microsoft Threat Modeling Tool

Use STRIDE To Do A Quick Threat Modeling On A Simple Web Application (Step by Step Guide)

Security Threat Modelling / Analysis - using STRIDE - useful for CISSP certification #cybersecurity

Introduction to Threat Modelling with STRIDE

How to do Real World Threat Modeling

Introducing STRIDE for threat modeling

The STRIDE Method Via Example - Identifying Security Vulnerabilities

What is Threat Modeling and Why Is It Important?

Threat modelling with OWASP Threat Dragon

From Zero To Hero: Threat Modeling In 90 Minutes by Steven Wierckx

2. Microsoft Threat Modeling Practical session | UCSC

Stride Threat Modeling | Cyber Security

Beginners Threat Modeling

Threat Modeling - DREAD, PASTA and STRIDE methodologies

Microsoft Threat Modeling Tool | Create a standard architecture & Analysis

Threat Modeling Explained| How to implement threat modeling| Pros and Cons of Threat Modeling Method

Threat Modeling Frameworks for Information Security Analysts | Threats and Attack Vectors

DevSecOps - Threat Modeling and the STRIDE Model

Cybersecurity STRIDE working example threat analysis

STRIDE Threat modeling DVWA using Microsoft threat modeling tool.

1. Introduction, Threat Models

THREAT MODELING IN 2021 with Adam Shostack

How I Would Run a Threat Modelling Session For an Azure Architecture