Overview
This course aims to teach learners how to fix broken or non-existent threat models in enterprise settings using OWASP efforts. The course covers topics such as risk dilemmas, the threat modeling process, IoT security, common denominators, threat landscape, roles, integration, and specific OWASP projects. The teaching method involves a keynote presentation by an industry expert, providing real-world examples and practical insights. The course is intended for *Sec practitioners, security professionals, AppSec professionals, and individuals interested in improving security practices within their organizations.
Syllabus
Introduction
Risk Dilemmas
Threat Modeling Process
IOT
Context
Common denominator
Threat model stories
Funneling context
Threat landscape
Missing deliverables
Roles
Integration
Projects
blinding threat modeling
Cisco Project
Web Testing Framework
Model Security Rule
Besom
Taught by
OWASP Foundation