mirror of
https://github.com/hysnsec/awesome-threat-modelling.git
synced 2024-10-01 08:25:38 -04:00
+ Rapid Threat Model Prototyping to Free Courses
RTMP is a threat modelling technique that decreases the time to make a threat model by focusing on getting the Access Control issues sorted first (Elevation of privilege in STRIDE). It uses STRIDE as its main description language but allows for integration with CWE and OWASP Top 10. https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs RTMP allows a practioner to add metadata describing the threats and mitigations directly to software diagrams, speeding up the whole threat modeling process. This is done through 11 simple steps which can be repeated across all sizes of projects. RTMP also outlines how to properly integrate these steps into Agile workstreams and how to best use the outputs of a threat model (Threats & Mitigations).
This commit is contained in:
parent
222116edbc
commit
0668329ad3
@ -39,6 +39,7 @@ Contributions welcome. Add links through pull requests or create an issue to sta
|
|||||||
- [Threat Modeling, or Architectural Risk Analysis by Coursera](https://www.coursera.org/lecture/software-security/threat-modeling-or-architectural-risk-analysis-bQAoU)
|
- [Threat Modeling, or Architectural Risk Analysis by Coursera](https://www.coursera.org/lecture/software-security/threat-modeling-or-architectural-risk-analysis-bQAoU)
|
||||||
|
|
||||||
- [Threat Modeling Workshop by Robert Hurlbut](https://github.com/rhurlbut/CodeMash2019/blob/master/Robert-Hurlbut-CodeMash2019-Threat-Modeling-Workshop-20190108.pdf)
|
- [Threat Modeling Workshop by Robert Hurlbut](https://github.com/rhurlbut/CodeMash2019/blob/master/Robert-Hurlbut-CodeMash2019-Threat-Modeling-Workshop-20190108.pdf)
|
||||||
|
- [Rapid Threat Model Prototyping (RTMP)](https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs) - Methodology to create quick threat models (1) add threat metadata describing the threats and mitigations directly to software diagrams using 11 simple and repeatable steps (2) integrate these steps into Agile workstreams (3) how to best use the outputs of a threat model (Threats & Mitigations)
|
||||||
|
|
||||||
|
|
||||||
### Paid
|
### Paid
|
||||||
|
Loading…
Reference in New Issue
Block a user