Book Description

Threat modeling is one of the most essential—and most misunderstood—parts of the development lifecycle. Whether you’re a security practitioner or application developer, this book will help you gain a better understanding of core concepts and how to apply them to your practice to protect your systems from threats.

Authors Izar Tarandach and Matthew Coles walk you through the myriad ways to approach and execute threat modeling. Contrary to popular belief, the process takes neither incredibly advanced security knowledge nor an unmanageable amount of effort. But it’s critical for spotting and addressing potential concerns in a cost-effective way before the code’s written and it’s too late to find a solution.

  • Find out why threat modeling is important and how it can make you and your team better, more well-rounded architects and developers
  • Learn the most effective ways to integrate threat modeling into your development lifecycle
  • Use the results of a threat modeling exercise on other aspects of the system lifecycle

Table of Contents

  1. Preface
    1. Conventions Used in This Book
    2. Using Code Examples
    3. O’Reilly Online Learning
    4. How to Contact Us
    5. Acknowledgments
  2. 1. The Basics
    1. What is Threat Modeling?
    2. We are all threat modelers
    3. Threat Modeling is a contact, team sport
    4. Software development practices have evolved
    5. Developing secure systems
    6. No more waterfalling
    7. Implementation and Testing
    8. Documentation and Deployment
    9. Summary
  3. 2. Security Principles
    1. Principles
      1. Who is who and what is what
      2. The importance of principles
      3. The Sacred Triad (And Some Close Friends) of Security
      4. Confidentiality
      5. Integrity
      6. Availability
      7. Privacy
      8. Safety
    2. Fundamental Controls
      1. Identification
      2. Authentication
      3. Authorization
      4. Auditing
    3. Basic Design Patterns
      1. Zero Trust Input
      2. Least Privilege
      3. Fail Secure or Fail Safe
      4. Defense in Depth
      5. Keeping Things Simple
      6. Zero Trust Checking
      7. No secret sauce
      8. Separation of privilege
      9. Consider the human factor
      10. Effective logging
    4. Risk Concepts
      1. Severity vs Risk
      2. Future Looking Innovations
    5. Summary
  4. 3. The Art of (Threat) Modeling
    1. System Modeling
    2. Trees, Graphs, and Flows
      1. Data Flow Diagrams
      2. Sequence Diagrams
      3. Attack Trees
      4. Fishbone Diagrams
    3. Facilitating Model Construction
    4. Good vs Perfect
    5. Drawing a system model ready for analysis: A lesson in model building
      1. Things to consider in preparation
      2. Basic System Details
      3. Outcome #1: Context Layer (L0)
      4. Outcome #2: Layer 1 (L1) Diagrams
    6. Summary