Skip to main content
Sujet
Action-Oriented Threat Modeling with ThreatPlaybook
Description
Threat Modeling is a critical activity for product engineering teams. In the rare event that it is conducted, no actionable outputs emerge from the exercise and thereby, the activity relegated to the status of a "Policy/Best Practice Document". We believe that threat models are playbooks of product security engineering and thus, we feel that the best way to conduct it is by integrating it into the Software Development Lifecycle (SDL). It is our belief that Threat Models should produce actionable outputs that can be acted upon by various teams within the organization.
To address this lacuna, we have developed “ThreatPlaybook" - an open source "Threat Modeling as Code" framework, that allows product teams to capture user stories, abuser stories, threat models and security test cases in YAML Files (like Ansible). With the help of test automation frameworks (in this case, Robot Framework), ThreatPlaybook allows product engineering teams and pentesting teams to not only capture Threat Models as code but also trigger specific security test cases with tools like OWASP ZAP, BurpSuite, WFuzz, Sublist3r, Nmap and so on. The benefits are as below:
1) For teams to use Threat Modeling as a first-class citizen(with code). Facilitating iterative and updated threat models and security test cases, as the product evolves (not a stationary document)
2) For threat modeling to become actionable. Product teams can use this framework to compose "Recipes", where user stories (functionality) leads to abuser stories (threat profiles) which lead to threat models (scenarios), that are used to create security test cases (which kick off certain tools) based on the recipes written for the test cases
3) This approach leads to a convergence of threat modeling and security testing, allowing teams to improve both security testing and threat modeling based on results produced through this framework
Heure
Jul 18, 2018 11:00 AM in
Heure normale de l’Est (États-Unis et Canada)
Le webinaire est terminé, vous ne pouvez plus vous inscrire. Si vous avez des questions, veuillez prendre contact avec l’animateur du webinaire :
Rahul Raghavan
.
×
Partager par e-mail
Tous les champs sont obligatoires
Vos renseignements
Envoyer à
Aperçu du message
Bonjour, vous êtes invité à un webinaire Zoom. Quand : juil. 18, 2018 11:00 AM Heure normale de l’Est (États-Unis et Canada) Sujet : Action-Oriented Threat Modeling with ThreatPlaybook Veuillez vous inscrire à la date et l’heure qui vous conviennent le mieux : https://zoom.us/webinar/register/WN_mDV81qciSI2MvbAJibmMlw Après votre inscription, vous recevrez un e-mail de confirmation contenant les instructions pour rejoindre le webinaire.
×
Changer de fuseau horaire
Fuseau horaire:
(GMT-11:00) Îles Midway, Samoa
(GMT-11:00) Pago Pago
(GMT-10:00) Hawaii
(GMT-8:00) Alaska
(GMT-8:00) Juneau
(GMT-7:00) Vancouver
(GMT-7:00) Heure normale du Pacifique (États-Unis et Canada)
(GMT-7:00) Tijuana
(GMT-7:00) Arizona
(GMT-6:00) Edmonton
(GMT-6:00) Heure normale des Rocheuses (États-Unis et Canada)
(GMT-6:00) Mazatlán
(GMT-6:00) Saskatchewan
(GMT-6:00) Guatemala
(GMT-6:00) El Salvador
(GMT-6:00) Managua
(GMT-6:00) Costa Rica
(GMT-6:00) Tegucigalpa
(GMT-6:00) Chihuahua
(GMT-5:00) Winnipeg
(GMT-5:00) Heure normale du Centre (États-Unis et Canada)
(GMT-5:00) Mexico
(GMT-5:00) Panama
(GMT-5:00) Bogota
(GMT-5:00) Lima
(GMT-5:00) Monterrey
(GMT-4:00) Montréal
(GMT-4:00) Heure normale de l’Est (États-Unis et Canada)
(GMT-4:00) Indiana (Est)
(GMT-4:00) Puerto Rico
(GMT-4:00) Caracas
(GMT-4:00) Santiago
(GMT-4:00) La Paz
(GMT-4:00) Guyana
(GMT-3:00) Halifax
(GMT-3:00) Montevideo
(GMT-3:00) Brasilia
(GMT-3:00) Buenos Aires, Georgetown
(GMT-3:00) São Paulo
(GMT-3:00) Heure de l’Atlantique (Canada)
(GMT-2:30) Terre-Neuve-et-Labrador
(GMT-2:00) Groenland
(GMT-1:00) Îles du Cap-Vert
(GMT+0:00) Açores
(GMT+0:00) Temps universel UTC
(GMT+0:00) Temps universel coordonné
(GMT+0:00) Reykjavik
(GMT+0:00) Nouakchott
(GMT+1:00) Dublin
(GMT+1:00) Londres
(GMT+1:00) Lisbonne
(GMT+1:00) Casablanca
(GMT+1:00) Afrique centrale de l’Ouest
(GMT+1:00) Alger
(GMT+1:00) Tunis
(GMT+2:00) Belgrade, Bratislava, Ljubljana
(GMT+2:00) Sarajevo, Skopje, Zagreb
(GMT+2:00) Oslo
(GMT+2:00) Copenhague
(GMT+2:00) Bruxelles
(GMT+2:00) Amsterdam, Berlin, Rome, Stockholm, Vienne
(GMT+2:00) Amsterdam
(GMT+2:00) Rome
(GMT+2:00) Stockholm
(GMT+2:00) Vienne
(GMT+2:00) Luxembourg
(GMT+2:00) Paris
(GMT+2:00) Zurich
(GMT+2:00) Madrid
(GMT+2:00) Harare, Prétoria
(GMT+2:00) Varsovie
(GMT+2:00) Prague Bratislava
(GMT+2:00) Budapest
(GMT+2:00) Tripoli
(GMT+2:00) Le Caire
(GMT+2:00) Johannesburg
(GMT+3:00) Helsinki
(GMT+3:00) Nairobi
(GMT+3:00) Sofia
(GMT+3:00) Istanbul
(GMT+3:00) Athènes
(GMT+3:00) Bucarest
(GMT+3:00) Nicosie
(GMT+3:00) Beyrouth
(GMT+3:00) Damas
(GMT+3:00) Jérusalem
(GMT+3:00) Amman
(GMT+3:00) Moscou
(GMT+3:00) Bagdad
(GMT+3:00) Koweït
(GMT+3:00) Riyad
(GMT+3:00) Bahreïn
(GMT+3:00) Qatar
(GMT+3:00) Aden
(GMT+3:00) Khartoum
(GMT+3:00) Djibouti
(GMT+3:00) Mogadiscio
(GMT+3:00) Kiev
(GMT+3:00) Minsk
(GMT+4:00) Dubaï
(GMT+4:00) Muscat
(GMT+4:00) Bakou, Tbilissi, Erevan
(GMT+4:30) Téhéran
(GMT+4:30) Kaboul
(GMT+5:00) Yekaterinburg
(GMT+5:00) Islamabad, Karachi, Tachkent
(GMT+5:30) Inde
(GMT+5:30) Mumbai, Kolkata, New Delhi
(GMT+5:45) Katmandou
(GMT+6:00) Almaty
(GMT+6:00) Dacca
(GMT+6:00) Astana, Dhaka
(GMT+6:30) Rangoun
(GMT+7:00) Novosibirsk
(GMT+7:00) Krasnoyarsk
(GMT+7:00) Bangkok
(GMT+7:00) Vietnam
(GMT+7:00) Jakarta
(GMT+8:00) Irkoutsk, Oulan-Bator
(GMT+8:00) Beijing, Shanghai
(GMT+8:00) Hong Kong
(GMT+8:00) Taipei
(GMT+8:00) Kuala Lumpur
(GMT+8:00) Singapour
(GMT+8:00) Perth
(GMT+9:00) Yakutsk
(GMT+9:00) Séoul
(GMT+9:00) Osaka, Sapporo, Tokyo
(GMT+9:30) Darwin
(GMT+9:30) Adélaïde
(GMT+10:00) Vladivostok
(GMT+10:00) Guam, Port Moresby
(GMT+10:00) Brisbane
(GMT+10:00) Canberra, Melbourne, Sydney
(GMT+10:00) Hobart
(GMT+11:00) Magadan
(GMT+11:00) Îles Salomon
(GMT+11:00) Nouvelle-Calédonie
(GMT+12:00) Kamchatka
(GMT+12:00) Îles Fidji, Îles Marshall
(GMT+12:00) Auckland, Wellington
(GMT+13:00) Independent State of Samoa
×
Continue to PayPal
Click to Continue
×