Awesome-Mirrors
/
awesome-threat-modelling
mirror of https://github.com/hysnsec/awesome-threat-modelling.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added refs to YAKINDU Security Analyst and 21434 

- added Video: [ISO/SAE 21434 by Example](https://youtu.be/3LsNx-ljIK8?t=1180)
- added example: [ISO/SAE 21434 Annex G Example in YAKINDU Security Analyst](https://github.com/Yakindu/YSA-examples)
- added paid tool: [YAKINDU Security Analyst](https://www.itemis.com/de/yakindu/security-analyst/) - YAKINDU Security Analyst is a model-based software tool for threat analysis and risk assessment of technical systems. With Security Analyst you can identify your protection needs, analyze possible threats and calculate the resulting risks. The underlying assessment model and calculation logic are highly customizable and can be integrated into existing toolchains.


disclaimer: I'm a developer of it and speaker in that talk
This commit is contained in:
abstraktor 2020-07-22 12:15:47 +02:00 committed by GitHub
parent 576d615a1d
commit 6c95a7668e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -89,6 +89,9 @@ Contributions welcome. Add links through pull requests or create an issue to sta
- [An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry](https://www.youtube.com/watch?v=iw-FzeKaj48)
- [Threat Modeling 101 (SAFECode On Demand Training Course)](https://www.youtube.com/watch?v=QQ7StGiy_-M)
- [ISO/SAE 21434 by Example](https://youtu.be/3LsNx-ljIK8?t=1180)
## Tutorials and Blogs
*Tutorials and blogs that explain threat modeling*
@ -141,6 +144,8 @@ Contributions welcome. Add links through pull requests or create an issue to sta
- [Where is my Threat Model?](https://blog.appsecco.com/where-is-my-threat-model-b6f8b077ac47)
- [Threat Modeling in a Risk Assessment Process](https://www.security-analyst.org/threat-analysis-and-risk-assessment/)
## Threat Model examples
@ -156,6 +161,8 @@ Contributions welcome. Add links through pull requests or create an issue to sta
- [Kubernetes Threat Model](https://github.com/kubernetes/community/tree/master/wg-security-audit/findings)
- [ISO/SAE 21434 Annex G Example in YAKINDU Security Analyst](https://github.com/Yakindu/YSA-examples)
## Tools
@ -185,6 +192,8 @@ Contributions welcome. Add links through pull requests or create an issue to sta
- [Foreseeti](https://www.foreseeti.com/) - SecuriCAD Vanguard is an attack simulation and automated threat modeling SaaS service that enables you to automatically simulate attacks on a virtual model of your AWS environment.
- [YAKINDU Security Analyst](https://www.itemis.com/de/yakindu/security-analyst/) - YAKINDU Security Analyst is a model-based software tool for threat analysis and risk assessment of technical systems. With Security Analyst you can identify your protection needs, analyze possible threats and calculate the resulting risks. The underlying assessment model and calculation logic are highly customizable and can be integrated into existing toolchains.
## Sponsor
![Practical DevSecOps](images/practical-devsecops-logo.png)