This course aims to teach learners how to fix broken or non-existent threat models in enterprise settings using OWASP efforts. The course covers topics such as risk dilemmas, the threat modeling process, IoT security, common denominators, threat landscape, roles, integration, and specific OWASP projects. The teaching method involves a keynote presentation by an industry expert, providing real-world examples and practical insights. The course is intended for *Sec practitioners, security professionals, AppSec professionals, and individuals interested in improving security practices within their organizations.
Fixing Broken Enterprise Threat Models with OWASP Efforts - Commissioning AppSec Professionals for Real Change
Overview
Syllabus
Introduction
Risk Dilemmas
Threat Modeling Process
IOT
Context
Common denominator
Threat model stories
Funneling context
Threat landscape
Missing deliverables
Roles
Integration
Projects
blinding threat modeling
Cisco Project
Web Testing Framework
Model Security Rule
Besom
Taught by
OWASP Foundation
Related Courses
-
OWASP Based Threat Modelling - Creating A Feedback Model in an Agile Environment
-
Threat Modeling for Secure Software Design
-
Attacking and Defending Mobility and IoT on the Enterprise Network
-
Using the Threat Modeling Manifesto to Build an Enterprise Threat Modeling Program
-
API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
-
Enterprise Class Threat Management Like A Boss - Rockie Brockway
