This book introduces the Process for Attack Simulation &Threat Analysis (PASTA) threat modeling methodology. It provides anintroduction to various types of application threat modeling andintroduces a risk–centric methodology aimed at applying securitycountermeasures that are commensurate to the possible impact thatcould be sustained from defined threat models, vulnerabilities,weaknesses, and attack patterns. This book describes how to apply application threat modeling asan advanced preventive form of security. The authors discuss themethodologies, tools, and case studies of successful applicationthreat modeling techniques. Chapter 1 provides an overview ofthreat modeling, while Chapter 2 describes the objectives andbenefits of threat modeling. Chapter 3 focuses on existing threatmodeling approaches, and Chapter 4 discusses integrating threatmodeling within the different types of Software DevelopmentLifecycles (SDLCs). Threat modeling and risk management is thefocus of Chapter 5. Chapter 6 and Chapter 7 examine Processfor Attack Simulation and Threat Analysis (PASTA). Finally, Chapter8 shows how to use the PASTA risk–centric threat modeling processto analyze the risks of specific threat agents targeting webapplications. This chapter focuses specifically on the webapplication assets that include customer s confidential dataand business critical functionality that the web applicationprovides. Provides a detailed walkthrough of the PASTAmethodology alongside software development activities,normally conducted via a standard SDLC process Offers precise steps to take when combating threats tobusinesses Examines real–life data breach incidents and lessons forrisk management Risk Centric Threat Modeling: Process for Attack Simulationand Threat Analysis is a resource for software developers,architects, technical risk managers, and seasoned securityprofessionals.
- ISBN: 978-0-470-50096-5
- Editorial: Wiley–Blackwell
- Encuadernacion: Cartoné
- Páginas: 704
- Fecha Publicación: 03/07/2015
- Nº Volúmenes: 1
- Idioma: Inglés
- Inicio /
- /