This course aims to teach learners how to bring rapid prototyping to the threat model process. The learning outcomes include understanding the importance of threat modeling in software architecture, learning to build security into software, and identifying high-threat areas using the Rapid Threat Model Prototyping (RTMP) process. The course covers skills such as just-in-time design, creating data flow diagrams, utilizing mitigation patterns, and implementing automated analysis workflows. The teaching method involves a lecture-style presentation by an industry expert. The intended audience for this course includes software developers, security professionals, and individuals working in Agile/DevOps environments looking to enhance their threat modeling practices.
Bringing Rapid Prototyping to the Threat Model Process
Overview
Syllabus
Introduction
Who am I
How projects go nuclear
Visa
What Should Threat Modeling Do
Flaws vs Bugs
Solution Design
Security Framework
Mitigations
Dataflow Diagrams
The Final Sprint
Emergent Design
Open Sam
Rapid Prototype
Rapid Prototyping
Planning
Data Flow Diagram
Project Overview
Elevation of Privilege
Sprint Zero
Example
Defense
Rule of Thumb
Ranking Components
Create
Rules
Zone Math
State Case
Mitigation Patterns
Taught by
OWASP Foundation
