Risk centric threat modeling: process for attack simulation and threat analysis

By: UcedaVelez, Tony [Author] | Morana, Marco M [Co-Author]Material type: Text

TextLanguage: English Publication details: New Jersey: Wiley Data and Cybersecurity, 2015. Description: xxvi, 664pISBN: 9781118988367Subject(s): Threat Modeling within the SDLC | Threat Modeling and Risk Management | Existing Threat Modeling ApproachesDDC classification: 658.4038 Online resources: Click here to access online

Tags from this library: No tags from this library for this title. Log in to add tags.

Average rating: 0.0 (0 votes)

Holdings ( 1 )
Title notes ( 1 )

Holdings
Item type	Current library	Call number	Status	Date due	Barcode
e-Books	Dr. S. R. Ranganathan Library Ebook (Online Access)	658.4038 (Browse shelf(Opens below))	Available		EB0213

Browsing Dr. S. R. Ranganathan Library shelves, Shelving location: Ebook (Online Access) Close shelf browser (Hides shelf browser)

Previous								Next
Previous	658.0563 Reimagining businesses with AI	658.4 The CISO evolution: business knowledge for cybersecurity executives	658.4 (Online Access) Breakthroughs in decision science and risk analysis	658.4038 Risk centric threat modeling: process for attack simulation and threat analysis	658.4038 (Online Access) Applied incident response	658.404 PMP project management professional practice tests: 2021 exam update	658.478 IAPP CIPP / US certified information privacy professional study guide	Next

This book introduces the Process for Attack Simulation & Threat Analysis (PASTA) threat modeling methodology. It provides an introduction to various types of application threat modeling and introduces a risk-centric methodology aimed at applying security countermeasures that are commensurate to the possible impact that could be sustained from defined threat models, vulnerabilities, weaknesses, and attack patterns.

This book describes how to apply application threat modeling as an advanced preventive form of security. The authors discuss the methodologies, tools, and case studies of successful application threat modeling techniques. Chapter 1 provides an overview of threat modeling, while Chapter 2 describes the objectives and benefits of threat modeling. Chapter 3 focuses on existing threat modeling approaches, and Chapter 4 discusses integrating threat modeling within the different types of Software Development Lifecycles (SDLCs). Threat modeling and risk management is the focus of Chapter 5. Chapter 6 and Chapter 7 examine Process for Attack Simulation and Threat Analysis (PASTA). Finally, Chapter 8 shows how to use the PASTA risk-centric threat modeling process to analyze the risks of specific threat agents targeting web applications. This chapter focuses specifically on the web application assets that include customer’s confidential data and business critical functionality that the web application provides.

• Provides a detailed walkthrough of the PASTA methodology alongside software development activities, normally conducted via a standard SDLC process

• Offers precise steps to take when combating threats to businesses

• Examines real-life data breach incidents and lessons for risk management

Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis is a resource for software developers, architects, technical risk managers, and seasoned security professionals.