Risk Centric Threat Modeling (ePub)
Process for Attack Simulation and Threat Analysis
(Sprache: Englisch)
This book introduces the Process for Attack Simulation &
Threat Analysis (PASTA) threat modeling methodology. It provides an
introduction to various types of application threat modeling and
introduces a risk-centric methodology aimed at applying...
Threat Analysis (PASTA) threat modeling methodology. It provides an
introduction to various types of application threat modeling and
introduces a risk-centric methodology aimed at applying...
sofort als Download lieferbar
eBook (ePub)
100.99 €
- Lastschrift, Kreditkarte, Paypal, Rechnung
- Kostenloser tolino webreader
Produktdetails
Produktinformationen zu „Risk Centric Threat Modeling (ePub)“
This book introduces the Process for Attack Simulation &
Threat Analysis (PASTA) threat modeling methodology. It provides an
introduction to various types of application threat modeling and
introduces a risk-centric methodology aimed at applying security
countermeasures that are commensurate to the possible impact that
could be sustained from defined threat models, vulnerabilities,
weaknesses, and attack patterns.
This book describes how to apply application threat modeling as
an advanced preventive form of security. The authors discuss the
methodologies, tools, and case studies of successful application
threat modeling techniques. Chapter 1 provides an overview of
threat modeling, while Chapter 2 describes the objectives and
benefits of threat modeling. Chapter 3 focuses on existing threat
modeling approaches, and Chapter 4 discusses integrating threat
modeling within the different types of Software Development
Lifecycles (SDLCs). Threat modeling and risk management is the
focus of Chapter 5. Chapter 6 and Chapter 7 examine Process
for Attack Simulation and Threat Analysis (PASTA). Finally, Chapter
8 shows how to use the PASTA risk-centric threat modeling process
to analyze the risks of specific threat agents targeting web
applications. This chapter focuses specifically on the web
application assets that include customer's confidential data
and business critical functionality that the web application
provides.
* Provides a detailed walkthrough of the PASTA
methodology alongside software development activities,
normally conducted via a standard SDLC process
* Offers precise steps to take when combating threats to
businesses
* Examines real-life data breach incidents and lessons for
risk management
Risk Centric Threat Modeling: Process for Attack Simulation
and Threat Analysis is a resource for software developers,
architects, technical risk managers, and seasoned security
professionals.
Threat Analysis (PASTA) threat modeling methodology. It provides an
introduction to various types of application threat modeling and
introduces a risk-centric methodology aimed at applying security
countermeasures that are commensurate to the possible impact that
could be sustained from defined threat models, vulnerabilities,
weaknesses, and attack patterns.
This book describes how to apply application threat modeling as
an advanced preventive form of security. The authors discuss the
methodologies, tools, and case studies of successful application
threat modeling techniques. Chapter 1 provides an overview of
threat modeling, while Chapter 2 describes the objectives and
benefits of threat modeling. Chapter 3 focuses on existing threat
modeling approaches, and Chapter 4 discusses integrating threat
modeling within the different types of Software Development
Lifecycles (SDLCs). Threat modeling and risk management is the
focus of Chapter 5. Chapter 6 and Chapter 7 examine Process
for Attack Simulation and Threat Analysis (PASTA). Finally, Chapter
8 shows how to use the PASTA risk-centric threat modeling process
to analyze the risks of specific threat agents targeting web
applications. This chapter focuses specifically on the web
application assets that include customer's confidential data
and business critical functionality that the web application
provides.
* Provides a detailed walkthrough of the PASTA
methodology alongside software development activities,
normally conducted via a standard SDLC process
* Offers precise steps to take when combating threats to
businesses
* Examines real-life data breach incidents and lessons for
risk management
Risk Centric Threat Modeling: Process for Attack Simulation
and Threat Analysis is a resource for software developers,
architects, technical risk managers, and seasoned security
professionals.
Autoren-Porträt von Tony UcedaVelez, Marco M. Morana
Tony UcedaVélez is CEO at VerSprite, an Atlanta based security services firm assisting global MNCs on various areas of cyber security, secure software development, threat modeling and security risk management. Tony has worked and led teams in the areas of application security, penetration testing, security architecture, and technical risk management for various organizations in Utility, Banking, Government, Retail, Healthcare, and Information Services.Marco M Morana serves as Senior Vice President-Application Security Architect for CitiGroup, where he is responsible for managing the architecture risk analysis and threat modeling program globally and leads global initiatives to mitigate risks of emerging cyber-threats targeting web applications of institutional clients. Marco has designed and developed business critical security software products for several Fortune 500 companies, and also for NASA.
Bibliographische Angaben
- Autoren: Tony UcedaVelez , Marco M. Morana
- 2015, 1. Auflage, 696 Seiten, Englisch
- Verlag: John Wiley & Sons
- ISBN-10: 1118988353
- ISBN-13: 9781118988350
- Erscheinungsdatum: 12.05.2015
Abhängig von Bildschirmgröße und eingestellter Schriftgröße kann die Seitenzahl auf Ihrem Lesegerät variieren.
eBook Informationen
- Dateiformat: ePub
- Größe: 25 MB
- Mit Kopierschutz
Sprache:
Englisch
Kopierschutz
Dieses eBook können Sie uneingeschränkt auf allen Geräten der tolino Familie lesen. Zum Lesen auf sonstigen eReadern und am PC benötigen Sie eine Adobe ID.
Kommentar zu "Risk Centric Threat Modeling"
0 Gebrauchte Artikel zu „Risk Centric Threat Modeling“
Zustand | Preis | Porto | Zahlung | Verkäufer | Rating |
---|
Schreiben Sie einen Kommentar zu "Risk Centric Threat Modeling".
Kommentar verfassen