Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture - Helion

ebook

Autor: Brett Crawley, Adam Shostack
Tytuł oryginału: Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture
ISBN: 9781835089156
stron: 256, Format: ebook
Data wydania: 2024-08-09
Księgarnia: Helion

Cena książki: 129,00 zł

Osoby, które kupiły tę książkę, wybierały także »

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.
Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.
By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.

Osoby które kupowały "Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture", wybierały także:

Cisco CCNA 200-301. Kurs video. Administrowanie bezpieczeństwem sieci. Część 3 665,00 zł, (39,90 zł -94%)
Cisco CCNA 200-301. Kurs video. Administrowanie urządzeniami Cisco. Część 2 665,00 zł, (39,90 zł -94%)
Cisco CCNA 200-301. Kurs video. Podstawy sieci komputerowych i konfiguracji. Część 1 665,00 zł, (39,90 zł -94%)
Cisco CCNP Enterprise 350-401 ENCOR. Kurs video. Programowanie i automatyzacja sieci 443,33 zł, (39,90 zł -91%)
CCNP Enterprise 350-401 ENCOR. Kurs video. Mechanizmy kierowania ruchem pakiet 443,33 zł, (39,90 zł -91%)

Spis treści

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture eBook -- spis treści

1. Game Play
2. Spoofing
3. Tampering
4. Repudiation
5. Information Disclosure
6. Denial of Service
7. Elevation of Privilege
8. Privacy
9. Transfer
10. Retention/Removal
11. Inference
12. Minimization
13. Glossary
14. Further Reading