Course info
Aug 14, 2017
1h 29m

Security is important. You want to build more secure applications. You don't want to bolt on security afterwards, but you want to make sure it's there from the get-go - for each project. Threat Modeling is a growing field of interest for software developers, architects and security professionals. With good reason, as this can be a very effective way to accomplish those goals. In this course, Threat Modeling Fundamentals, you'll dive deeper into the fundamentals of threat modeling including a short exercise to help you follow along. First, you'll discover what the pro's and cons are of each methodology. Next, you'll explore how to draw data flow diagrams for threat modeling. Then, you'll learn how to perform the generic threat model process. Finally, you'll cover what common pitfalls are and how to work around those. By the end of this course, you'll be familiar with all popular threat modeling approaches and methodologies. This course teaches you the fundamentals of threat modeling . After watching this course, you will know the fundamentals of threat modeling; the various approaches, methodologies, and their differences; and how to perform the generic threat modeling process.

About the author
About the author

Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. Since 2004, he started specializing in pentesting complex and feature-rich web applications. Currently, he leads a global team of highly skilled and enthusiastic penetration testers as lead pentester.

More from the author
More courses by Peter Mosmans
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Peter Mosmans, and welcome to my course, Threat Modeling Fundamentals. I'm a lead penetration tester working for multiple companies around the globe. Threat modeling really is beginning to take off, and with great reason, it's one of the most effective ways to reduce the risk, and increase the security of applications. But what is the best methodology, what are their differences, which one should you use and why? In this course, we are going to dive deeper into the fundamentals of threat modeling, and we'll show you what the best and most efficient way of threat modeling is for your specific situation. Some of the major topics that we will cover include what the pros and cons of each methodology are, how to draw data flow diagrams for threat modeling, how to perform the generic threat modeling process, what common pitfalls are and how to work around those. You will be familiar with all popular threat modeling approaches and methodologies. You will know their pros and cons, and what will be the best fit for your team and your organization. Before beginning the course, you should be familiar with the software development life cycle, knowledge of security, and in particular threat modeling, is a plus but not strictly necessary. The course itself is for anyone designing, building, and defending software. I hope you'll join me on this journey to learn all about threat modeling, with the Threat Modeling Fundamentals course, here at Pluralsight.

Threat Modeling, the What, Why, Who, and When
Hi, and a very warm welcome to the Threat Modeling Fundamentals course. If you're interested in security, and want to fundamentally improve the security of say an application you or your team is working on, then you have started the right course. Security can be an overwhelming field, where to start, you don't want a one-time exercise but you want to inject security into the process. The software development process to be exact. Well, the end goal of threat modeling is to reduce risk, and it can applied as a repeatable process. Threat modeling is a growing field of interest for software developers, architects, and security professionals alike. With good reason, as it can be very effective, and as you shall see during the course, threat modeling with give you and your team a number of other important benefits as well. This course is designed for anyone involved in designing, building, and defending or breaking software. That includes software architects, developers, testers, as well as stake holders. After watching this course, you will be able to apply threat modeling, as you will be familiar with its fundamentals, the concepts, the various approaches, the pros and cons of several methodologies, and you'll know when to apply what. This module will let you hit the ground running, and answer the four Ws on threat modeling, what it is, why would you perform threat modeling, who should do it, and when would you perform threat modeling. Let's dive right in.

Choosing the Right Methodology
Now that we established what the three different approaches, or starting point for threat modeling are, let us take a look at a number of well-known methodologies. Based on your team, organization, and goals for threat modeling, one of these methodologies might fit best into your organization. The best known and most widely used threat modeling methodologies will be covered. We start with PASTA, then move onto Microsoft Threat Modeling, OCTAVE, TRIKE, and finally end with VAST. As you shall see, each of those methodologies has its advantages and disadvantages. By the end of this module, you should be able to pick one of these that fits best for you and your team. Before we start with the first methodology, a caveat. Strictly speaking, not all of the methodologies that are going to be discussed here are pure threat modeling methodologies as you shall see. There are also methodologies that fall into the risk and threat analysis category. Still it's useful to compare them, as each of the methodologies fits into the criteria of threat modeling. When applied they systematically list all the potential ways that somebody can attack that application. The modeling methodologies covered are all asset or application-centric. Attacker-centric threat modeling approaches are really technical, and more geared towards security professionals. It deserves its own Pluralsight course. Therefore, I kindly refer you to the upcoming Pluralsight course, Threat Modeling for Penetration Testers. That one will focus exclusively on those types of threat modeling. But first, it's time for PASTA.

Improving Threat Modeling
Practice makes perfect. Tell me and I forget. Teach me and I remember. Involve me and I learn. Another timely quote from Benjamin Franklin. It takes multiple times performing the threat modeling process to reinforce old habits, and to see what works best for your organization. Having said that, there are a number of best practices and things to think of while threat modeling. This module deals with common pitfalls while threat modeling, or wanting to start with the process. Those issues are categorized into security and support issues, quality and quantity issues, and generic issues while threat modeling. As this is already the last module, this module will end with a summary of the whole course.