Commit Graph

44 Commits

Author SHA1 Message Date
Mohammed A Imran
7e4331fd2f
Merge branch 'master' into add-threat-modeling-card-game 2022-05-30 15:40:33 +08:00
Mohammed A Imran
1695df35c8
Merge pull request #21 from denhamparry/master
Add Kubernetes Threat Modeling
2022-05-30 15:39:18 +08:00
Mohammed A Imran
4b0fe819c1
Merge pull request #20 from xntrik/add-deciduous
Add Deciduous
2022-05-30 15:37:56 +08:00
Christoph Niehoff
cb4c389001
Added mention of the online version of eop and cornucopia card games 2022-03-25 14:25:03 +01:00
Lewis Denham-Parry
62fba86821
docs: add Kubernetes Threat Modeling
- add link to paid Kubernetes Threat Modeling workshop
2021-11-24 10:26:24 +00:00
xntrik
b2d3feb53b Add Deciduous 2021-09-28 15:22:32 +08:00
Mohammed A Imran
c4849c3023
Merge pull request #19 from security-prince/patch-1
Proposal to add Threagile
2021-06-19 16:44:27 +08:00
Mohammed A Imran
8223a2c611
Add Oauth2 threat model 2021-06-19 16:43:03 +08:00
Ishaq Mohammed
4d4744349c
Adding Threagile 2021-06-16 21:00:33 +05:30
Mohammed A Imran
269bb6b41a
Merge pull request #12 from DiabloHorn/patch-1
Update README.md
2021-04-28 00:01:04 +08:00
Mohammed A Imran
4007c2b134
Merge branch 'master' into patch-1 2021-04-28 00:00:56 +08:00
Mohammed A Imran
8117aa6818
Merge pull request #8 from abstraktor/patch-1
Added refs to YAKINDU Security Analyst and 21434
2021-04-27 23:58:45 +08:00
Mohammed A Imran
ffb18e21ca
Merge branch 'master' into patch-1 2021-04-27 23:58:30 +08:00
Mohammed A Imran
114d44b51b
Merge pull request #14 from owangen/owangen-patch-1
Update README.md
2021-04-27 18:48:31 +08:00
Mohammed A Imran
2a35e1e94d
Merge pull request #15 from hyakuhei/Add-mal-lang
Add MAL to the free tools section
2021-04-27 18:31:07 +08:00
Mohammed A Imran
bbfbd7d3e3
Merge pull request #16 from izar/master
Added Threat Modeling Manifesto
2021-04-27 18:30:14 +08:00
Mohammed A Imran
708a24e3dc
Merge pull request #18 from geoffrey-hill-tutamantic/master
+ Rapid Threat Model Prototyping to Free Courses
2021-04-27 18:29:06 +08:00
Tutamantic
500a0553fc
+ Tutamen Paid Tool
Tutamen is available for use.
2021-03-08 23:42:11 +00:00
Tutamantic
0668329ad3
+ Rapid Threat Model Prototyping to Free Courses
RTMP is a threat modelling technique that decreases the time to make a threat model by focusing on getting the Access Control issues sorted first (Elevation of privilege in STRIDE). It uses STRIDE as its main description language but allows for integration with CWE and OWASP Top 10.
https://github.com/geoffrey-hill-tutamantic/rapid-threat-model-prototyping-docs

RTMP allows a practioner to add metadata describing the threats and mitigations directly to software diagrams, speeding up the whole threat modeling process. This is done through 11 simple steps which can be repeated across all sizes of projects.

RTMP also outlines how to properly integrate these steps into Agile workstreams and how to best use the outputs of a threat model (Threats & Mitigations).
2021-03-08 23:23:26 +00:00
Izar Tarandach
8f43195062 Added Threat Modeling Manifesto 2021-02-09 12:16:16 -05:00
Robert
b7dca66108
Update README.md 2021-02-04 12:52:42 -08:00
Robert
c0e891f062
Update README.md 2021-02-04 12:51:51 -08:00
Robert
3dea6aa096
Update README.md 2021-02-04 12:51:26 -08:00
Robert
023b1aaccf
Added MAL to the list of free tools
Added MAL, I think it's interesting and readers of this page may find it useful. 

I'm not in any way associated with Foreseeti.
2021-02-04 12:50:36 -08:00
owangen
29df2f1a3a
Update README.md 2020-12-18 09:22:27 +01:00
Mohammed A Imran
222116edbc
Merge pull request #11 from izar/master
Fixed title for book, added number of supported threats to pytm and …
2020-11-07 12:38:46 +08:00
DiabloHorn
2015e19f14
Update README.md
Added a blog which describes how to threat model a slack bot
2020-10-25 17:04:35 +01:00
Izar Tarandach
048fc5a09b Fixed title for book, added number of supported threats to pytm and added a video on TM for DevOps by Alyssa Miller 2020-10-23 09:06:05 -04:00
Mohammed A Imran
6116fdc815
Merge pull request #9 from JOSHUAJEBARAJ/master
Update README.md
2020-10-22 12:47:44 +08:00
Mohammed A Imran
3fda73744c
Merge pull request #10 from SpekBin/master
Fixing link to PDF
2020-10-22 12:46:54 +08:00
Peter Thaleikis
6712dc4348
Fixing link to PDF 2020-10-21 23:31:35 +04:00
joshua_jebaraj
f4cebd353f
Update README.md 2020-10-01 01:49:39 +05:30
abstraktor
d23843f1b1
Undo confusion
Fat fingers…
2020-07-23 08:51:14 +02:00
abstraktor
05e05b1819
Fixed broken link from threatmodeler.com
It yielded a 404
2020-07-23 08:45:59 +02:00
abstraktor
6c95a7668e
Added refs to YAKINDU Security Analyst and 21434
- added Video: [ISO/SAE 21434 by Example](https://youtu.be/3LsNx-ljIK8?t=1180)
- added example: [ISO/SAE 21434 Annex G Example in YAKINDU Security Analyst](https://github.com/Yakindu/YSA-examples)
- added paid tool: [YAKINDU Security Analyst](https://www.itemis.com/de/yakindu/security-analyst/) - YAKINDU Security Analyst is a model-based software tool for threat analysis and risk assessment of technical systems. With Security Analyst you can identify your protection needs, analyze possible threats and calculate the resulting risks. The underlying assessment model and calculation logic are highly customizable and can be integrated into existing toolchains.


disclaimer: I'm a developer of it and speaker in that talk
2020-07-22 12:15:47 +02:00
Mohammed A Imran
576d615a1d
Merge pull request #5 from izar/master
Just some more resources
2020-04-14 22:07:39 +08:00
Jon Gadsden
ff5c8a2a64
fix link for Threat Dragon (#7) 2020-04-14 22:05:50 +08:00
izar
9cc167ac6e Video, examples and tools addition. Fixed Contributing reference 2020-02-03 12:49:40 -05:00
Mohammed A Imran
221ace2ff4
Add PDSO link (#4)
* Add PDSO link

* Make the image full width

* Add new image

* Add link to PDSO University
2020-01-07 16:01:54 +08:00
Mohammed A Imran
553c926229
Add Threat model examples (#2)
* Add Threat model examples, thanks Patrick

* Fix awesome-lint issues

* Fix awesome-lint issues
2020-01-06 20:25:22 +08:00
Mohammed A Imran
959923ee45
Add a space between text and logo 2019-12-29 22:11:20 +08:00
joshua_jebaraj
1860d2575a Add Threat modelling content to the README.md (#1)
* added read-me

* revoked the travis error

* added the appseco link

* Updated `Rvm`

* updated flag

* updated the url

* updated the old

* updated the flags

* updated the broken links

* added the course

* updated Readme

* Add practical devsecops logo and update readme.md

Co-authored-by: Mohammed A Imran <secfigo@gmail.com>
2019-12-29 22:10:38 +08:00
Mohammed A Imran
e1c012558c
Create .travis integration 2019-12-29 14:35:24 +08:00
Mohammed A Imran
5d3aad5cc2
Initial commit 2019-12-29 14:30:52 +08:00