Threat Modeling - Info and Reading Options
Designing for Security
By Adam Shostack
"Threat Modeling" was published by Wiley & Sons, Incorporated, John in 2014 - New York, it has 1 pages and the language of the book is English.
“Threat Modeling” Metadata:
- Title: Threat Modeling
- Author: Adam Shostack
- Language: English
- Number of Pages: 1
- Publisher: ➤ Wiley & Sons, Incorporated, John
- Publish Date: 2014
- Publish Location: New York
“Threat Modeling” Subjects and Themes:
- Subjects: ➤ Development - Computer networks - Security measures - Computer security - Computer software - Computer networks / Security measures - Computer software / Development - Computersicherheit - Software Engineering
Edition Specifications:
- Pagination: 626
Edition Identifiers:
- The Open Library ID: OL39923415M - OL19978521W
- ISBN-13: 9781306427067 - 9781118822692 - 9781118810057
- All ISBNs: 9781306427067 - 9781118822692 - 9781118810057
AI-generated Review of “Threat Modeling”:
"Threat Modeling" Description:
Open Data:
Cover -- Title Page -- Copyright -- Contents -- Introduction -- Part I Getting Started -- Chapter 1 Dive In and Threat Model! -- Learning to Threat Model -- What Are You Building? -- What Can Go Wrong? -- Addressing Each Threat -- Checking Your Work -- Threat Modeling on Your Own -- Checklists for Diving In and Threat Modeling -- Summary -- Chapter 2 Strategies for Threat Modeling -- "What's Your Threat Model?" -- Brainstorming Your Threats -- Brainstorming Variants -- Literature Review -- Perspective on Brainstorming -- Structured Approaches to Threat Modeling -- Focusing on Assets -- Focusing on Attackers -- Focusing on Software -- Models of Software -- Types of Diagrams -- Trust Boundaries -- What to Include in a Diagram -- Complex Diagrams -- Labels in Diagrams -- Color in Diagrams -- Entry Points -- Validating Diagrams -- Summary -- Part II Finding Threats -- Chapter 3 STRIDE -- Understanding STRIDE and Why It's Useful -- Spoofing Threats -- Spoofing a Process or File on the Same Machine -- Spoofing a Machine -- Spoofing a Person -- Tampering Threats -- Tampering with a File -- Tampering with Memory -- Tampering with a Network -- Repudiation Threats -- Attacking the Logs -- Repudiating an Action -- Information Disclosure Threats -- Information Disclosure from a Process -- Information Disclosure from a Data Store -- Information Disclosure from a Data Flow -- Denial-of-Service Threats -- Elevation of Privilege Threats -- Elevate Privileges by Corrupting a Process -- Elevate Privileges through Authorization Failures -- Extended Example: STRIDE Threats against Acme-DB -- STRIDE Variants -- STRIDE-per-Element -- STRIDE-per-Interaction -- DESIST -- Exit Criteria -- Summary -- Chapter 4 Attack Trees -- Working with Attack Trees -- Using Attack Trees to Find Threats -- Creating New Attack Trees -- Representing a Tree
Read “Threat Modeling”:
Read “Threat Modeling” by choosing from the options below.
Search for “Threat Modeling” downloads:
Visit our Downloads Search page to see if downloads are available.
Find “Threat Modeling” in Libraries Near You:
Read or borrow “Threat Modeling” from your local library.
- The WorldCat Libraries Catalog: Find a copy of “Threat Modeling” at a library near you.
Buy “Threat Modeling” online:
Shop for “Threat Modeling” on popular online marketplaces.
- Ebay: New and used books.