Threat modeling can help mitigate security risks in an application in a repeatable and efficient way. This course teaches you the fundamentals of threat modeling and what the different approaches and methodologies are.
Security is important. You want to build more secure applications. You don't want to bolt on security afterwards, but you want to make sure it's there from the get-go - for each project. Threat Modeling is a growing field of interest for software developers, architects and security professionals. With good reason, as this can be a very effective way to accomplish those goals. In this course, Threat Modeling Fundamentals, you'll dive deeper into the fundamentals of threat modeling including a short exercise to help you follow along. First, you'll discover what the pro's and cons are of each methodology. Next, you'll explore how to draw data flow diagrams for threat modeling. Then, you'll learn how to perform the generic threat model process. Finally, you'll cover what common pitfalls are and how to work around those. By the end of this course, you'll be familiar with all popular threat modeling approaches and methodologies.
This course teaches you the fundamentals of threat modeling . After watching this course, you will know the fundamentals of threat modeling; the various approaches, methodologies, and their differences; and how to perform the generic threat modeling process.
Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. Since 2004, he started specializing in pentesting complex and feature-rich web applications. Currently, he leads a global team of highly skilled and enthusiastic penetration testers as lead pentester.
Course Overview Hi everyone, my name is Peter Mosmans, and welcome to my course, Threat Modeling Fundamentals. I'm a lead penetration tester working for multiple companies around the globe. Threat modeling really is beginning to take off, and with great reason, it's one of the most effective ways to reduce the risk, and increase the security of applications. But what is the best methodology, what are their differences, which one should you use and why? In this course, we are going to dive deeper into the fundamentals of threat modeling, and we'll show you what the best and most efficient way of threat modeling is for your specific situation. Some of the major topics that we will cover include what the pros and cons of each methodology are, how to draw data flow diagrams for threat modeling, how to perform the generic threat modeling process, what common pitfalls are and how to work around those. You will be familiar with all popular threat modeling approaches and methodologies. You will know their pros and cons, and what will be the best fit for your team and your organization. Before beginning the course, you should be familiar with the software development life cycle, knowledge of security, and in particular threat modeling, is a plus but not strictly necessary. The course itself is for anyone designing, building, and defending software. I hope you'll join me on this journey to learn all about threat modeling, with the Threat Modeling Fundamentals course, here at Pluralsight.