Naperville Public Library
Library Hours
Monday to Friday: 9 a.m. to 9 p.m.
Saturday: 9 a.m. to 5 p.m.
Sunday: 1 p.m. to 9 p.m.
Naper Blvd. 1 p.m. to 5 p.m.
Home Best Sellers Research a Topic Download & Stream Material Request My Account
     
Limit search to available items
Record 1 of 2
Results Page:  Previous Next
Author Tarandach, Izar.

Title Threat Modeling [electronic resource] / Izar Tarandach. [O'Reilly electronic resource]

Imprint [S.l.] : O'Reilly Media, Inc., 2020.
To Access:
Connect to https://ezproxy.naperville-lib.org/login?url=https://learning.oreilly.com/library/view/~/9781492056546/?ar
Bookmark link: https://library.naperville-lib.org:444/record=b3188206~S1
QR Code
Description 1 online resource
Note Title from content provider.
Contents Intro -- Copyright -- Table of Contents -- Foreword -- Preface -- Why We Wrote This Book -- Who This Book Is For -- What Is (and Isn't!) in This Book -- These Techniques Apply Across Various Systems -- Your Contribution Matters -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Introduction -- The Basics of Threat Modeling -- What Is Threat Modeling? -- Why You Need Threat Modeling -- Obstacles -- Threat Modeling in the System Development Life Cycle -- Essential Security Principles -- Basic Concepts and Terminology
Calculating Severity or Risk -- Core Properties -- Fundamental Controls -- Basic Design Patterns for Secure Systems -- Summary -- Chapter 1. Modeling Systems -- Why We Create System Models -- System Modeling Types -- Data Flow Diagrams -- Sequence Diagrams -- Process Flow Diagrams -- Attack Trees -- Fishbone Diagrams -- How to Build System Models -- What Does a Good System Model Look Like? -- Summary -- Chapter 2. A Generalized Approach to Threat Modeling -- Basic Steps -- What You Are Looking for in a System Model -- The Usual Suspects -- What You Should Not Expect to Discover
Threat Intelligence Gathering -- Summary -- Chapter 3. Threat Modeling Methodologies -- Before We Go Too Deep... -- Looking Through Filters, Angles, and Prisms -- To the Methodologies, at Last! -- STRIDE -- STRIDE per Element -- STRIDE per Interaction -- Process for Attack Simulation and Threat Analysis -- Threat Assessment and Remediation Analysis -- Trike -- Specialized Methodologies -- LINDDUN -- Madness? This Is SPARTA! -- INCLUDES NO DIRT -- Shall We Play a Game? -- Game: Elevation of Privilege -- Game: Elevation of Privilege and Privacy -- Game: OWASP Cornucopia
Game: Security and Privacy Threat Discovery Cards -- Game: LINDDUN GO -- Summary -- Chapter 4. Automated Threat Modeling -- Why Automate Threat Modeling? -- Threat Modeling from Code -- How It Works -- Threat Modeling with Code -- How It Works -- pytm -- Threagile -- An Overview of Other Threat Modeling Tools -- IriusRisk -- SD Elements -- ThreatModeler -- OWASP Threat Dragon -- Microsoft Threat Modeling Tool -- CAIRIS -- Mozilla SeaSponge -- Tutamen Threat Model Automator -- Threat Modeling with ML and AI -- Summary -- Chapter 5. Continuous Threat Modeling -- Why Continuous Threat Modeling?
The Continuous Threat Modeling Methodology -- Evolutionary: Getting Better All the Time -- The Autodesk Continuous Threat Modeling Methodology -- Baselining -- Baseline Analysis -- When Do You Know You Did Enough? -- Threat Model Every Story -- Findings from the Field -- Summary -- Chapter 6. Own Your Role as a Threat Modeling Champion -- How Do I Get Leadership On-Board with Threat Modeling? -- How Do I Overcome Resistance from the Rest of the Product Team? -- How Do We Overcome the Sense of (or Actual) Failure at Threat Modeling?
Added Author Coles, Matthew J.
ISBN 9781492056553 (paperback)
1492056553 (paperback)
Patron reviews: add a review
Click for more information
EBOOK
No one has rated this material

You can...
Also...
- Find similar reads
- Add a review
- Sign-up for Newsletter
- Suggest a purchase
- Can't find what you want?
More Information

 
 
© Naperville Public Library 2019.