Understand Threat Modeling Concepts and How to Apply its Methodologies.
When you perform threat modeling for your organization, you document potential threats and prioritize those threats (often by putting yourself in an attacker’s mindset). There are four well-known methods. STRIDE, introduced at Microsoft in 1999, focuses on spoofing of user identity, tampering, repudiation, information disclosure, denial of service and elevation of privilege. PASTA (process for …
Understand Threat Modeling Concepts and How to Apply its Methodologies. Read More »