Do you have a hard time mitigating threats to your applications? Are you confused how to employ threat modeling? This course will teach you how to effectively employ threat modeling to reduce the attack surface of your application. We will use case studies to effectively.
If you are familiar with threat modeling as an exercise, you would know that threat modeling involves identification of threats and vulnerabilities in the context of your applications. In this course, Performing Threat Modeling with the PASTA Methodology, you’ll learn to build application threat models using PASTA methodology. First, you’ll explore the fundamentals of threat modeling. Next, you’ll discover how to dissect applications into smaller components followed by threat, vulnerability, and weakness analysis. Finally, you’ll learn how to build attack models. When you’re finished with this course, you’ll have the skills and knowledge of PASTA methodology needed to conduct threat modeling.
Cyber Security professional with experience of working as consultant, Appsec, SecOps and Compliance Management. I have experience in Web and Mobile App Pentesting, Cryptography, ISO 27001, Network security and Security Engineering
Course Overview Hello everyone. My name is Prashant Pandey, and welcome to my course Performing Threat Modeling with the PASTA Methodology. I'm a security consultant and penetration tester by profession. I hold CISSP and ISO 27001 Lead Auditor certifications. If you are familiar with threat modeling as an exercise you would know that threat modeling involves identification of threats and vulnerabilities in context of your applications or your crown jewels. PASTA takes this approach a step forward by combining the time‑tested risk assessment methodology and coupling this with the threat modeling exercise. PASTA methodology involves identifying the threats and vulnerabilities along with their impact. We calculate the risk level and plan the treatment of these risks. By the end of this course you will be able to independently conduct threat modeling on your applications using the PASTA methodology. Before starting this course you should be familiar and have a high‑level understanding of concepts like threat modeling, risk assessment, business impact analysis, penetration testing, and security monitoring. All these topics are covered in great details in different courses of Pluralsight. I hope you'll join me on this course to learn risk centric threat modeling with this course on Performing Threat Modeling with the PASTA Methodology at Pluralsight. Enjoy the course.