Having an effective Threat Model for your apps is like creating a game plan for developers. AppSec moves a lot faster, and is far less error-prone when you analyse your application, know where a potential attacker is likely to start, and find the most probable attack vectors. When you possess this much information, defending against threats becomes a systematic, efficient process. Just like a well-oiled machine.
In the Threat Modelling Essentials course, we’re going to show you everything you need to know about Threat Modelling your apps. We start with a background into the subject, discussing various methodologies old and new. As we move into system-wide Threat Modelling, you’re going to learn about inputs, branches and mapping your Threat Model. The final module explores mitigations for Threat Models.
Our courses emphasise learning using hands-on material, giving you a look at strategies, techniques and methodologies that are used in actual product development environments. All our learning material is a distillation of years of security testing experience, knowledge, and original research across our entire team. Once you’ve completed this course, you’ll be able to use what you’ve learnt to create functioning Threat Models at your organization.
An Overview of Trust Zones
Find the STRIDE Threats
System Threat Modeling Case Study — Acme Electronics