Welcome to Awesome Threat Modeling
A curated list of threat modeling resources (books, free and paid courses, videos, tools, tutorials and workshops to practice on) for learning threat modeling and the initial phases of security review.
Contents
Awesome Threat Modeling Resources
Books
Books on threat modeling
Threat Modeling: Designing for Security by Adam Shostack
Threat Modeling by Frank Swiderski, Window Snyder
Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis by Tony UcedaVelez, Marco M. Morana
Threat Modeling by Matthew J. Coles, Izar Tarandach
Courses
Courses/Training videos on threat modeling
Free
Threat Modeling, or Architectural Risk Analysis by Coursera
Threat Modeling Workshop by Robert Hurlbut
Paid
DevSecOps Expert by Practical DevSecOps
Threat Modeling Fundamentals by Pluralsight
CyberSec First Responder: Threat Detection & Response CFR210 by Stone River eLearning
Learning Threat Modeling for Security Professionals by Adam Shostack
Threat Modeling: Spoofing In Depth by Adam Shostack
Threat Modeling: Tampering in Depth by Adam Shostack
Threat Modeling or Whiteboard Hacking training by Toreon
Videos
Videos about threat modeling
Introduction, Threat Models by MIT OpenCourseWare
Creating a Threat Model using TMT 2016 by Alan B. Watkins
Using Threat Modeling by Synopsys
Threat Modeling in 2019 by Adam Shostack
Threat Modeling Toolkit by Jonathan Marcil
Adaptive Threat Modelling by Aaron Bedra
Threat modeling by Erlend Oftedal
Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team by Izar Tarandach
Threat Modeling for Secure Software Design by Robert Hurlbut
Fixing Threat Models with OWASP Efforts by Tony UcedaVelez
Designing for Security through Threat Modelling
Unlocking Threat Modeling by Brook Schoenfield
An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry by Tingyu Zeng
Tutorials and Blogs
Tutorials and blogs which explain threat modeling
What Is Security Threat Modeling? by Lawrence C. Miller, Peter H. Gregory
Threat-modeling CheatSheet By Owasp by OWASP
Threat Modeling in the Enterprise, Part 1: Understanding the Basics by Stiliyana Simeonova
Threat Modeling: What, Why, and How? By Adam Shostack
Threat Modeling for Dummies by Adam Englander
DevSecOps, Threat Modeling and You: Get started using the STRIDE method by Bruno Amaro Almeida
Threat Modeling: The Why, How, When and Which Tools by Debarghya Pandit
Threat-modeling datasheet by Synopsys
Threat Modeling blog by Security Innovation
Threat Modeling: 6 Mistakes You’re Probably Making by Jeff Petters
How to Create a Threat Model for Cloud Infrastructure Security by Pat Cable
Why You Should Care About Threat Modelling by Suresh Marisetty
Benefits of Threat Modeling by Sangita Prajapati
Threat Modeling: a Summary of Available Methods Whitepaper by Nataliya Shevchenko, Timothy A. Chick, Paige O’Riordan, Thomas Patrick Scanlon, PhD, & Carol Woody, PhD
Threat Modelling Toolkit by ThoughtWorks
How to get started with Threat Modeling, before you get hacked by Hackernoon
Threat Modeling tutorial by Geeks For Geeks
How to analyze the security of your application with threat modeling by Goran Aviani
Tactical Threat Modeling by SafeCode
The Power of a Tailored Threat Model Whitepaper by Looking Glass
7 Easy Steps For Building a Scalable Threat Modeling Process by Threatmodeler
Where is my Threat Model? by Abhisek Datta
Tools
Tools which help in threat modeling
Free tools
OWASP Threat Dragon - An online threat modelling web application including system diagramming and a rule engine to auto-generate threats/mitigations.
Microsoft Threat Modeling Tool - Microsoft Threat Modeling Tool 2016 is a tool that helps in finding threats in the design phase of software projects.
Owasp-threat-dragon-gitlab - This project is a fork of the original OWASP Threat Dragon web application by Mike Goodwin, with GitLab integration instead of GitHub. You can use it with GitLab.com or your own instance of GitLab.
raindance - Project intended to make Attack Maps part of software development by reducing the time it takes to complete them
threatspec - Threatspec is an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process.
Paid tools
Irius risk - Iriusrisk is a threat modeling tool with an adaptive questionnaire driven by an expert system which guides the user through straightforward questions about the technical architecture, the planned features and security context of the application.
SD elements - Automate Threat Modeling with SD Elements
Foreseeti - SecuriCAD Vanguard is an attack simulation and automated threat modeling SaaS service that enables you to automatically simulate attacks on a virtual model of your AWS environment.
Contributing
Please refer to the guidelines at contributing.md for details.