Threat modeling : designing for security /
Shostack, Adam.
Threat modeling : designing for security / Adam Shostack. - Indianapolis, IN : Wiley, 2014. - xxxiii, 590 páginas : ilustraciones, gráficas a blanco y negro ; 24 cm.
Material de apoyo del Departamento Seguridad Operativa.
Introduction, xxi -- Part I. getting started, 1 -- Chapter 1. Dive in and threat modell, 3 -- Chapter 2. Strategies for threat modeling, 29 -- Part II. Finding threats, 59 -- Chapter 3. Stride, 61 -- Chapter 4. Attack trees, 87 -- Chapter 5. Attack libraries, 101 -- 6. Privacy tools, 111 -- Part III. Managing and addressing threats, 123 -- Chapter 7. Processing and managing threats, 125 -- Chapter 8. Defensive tactics and technologies, 145 -- Chapter 9. Trade-offs when addressing threats, 167 -- Chapter 10. Validating that threats are addressed, 189 -- Chapter 11. Threat modeling tools, 203 -- Part IV. Threat modeling in technologies and tricky areas, 215 -- Chapter 12. Requirements cookbook, 217 -- Chapter 13. Web and cloud threats, 243 -- Chapter 14. Accounts and identity, 253 -- Chapter 15. Human factors and usability, 293 -- Chapter 16. Threats to cryptosystems, 333 -- Part V. Taking it to the next level, 353 -- Chater 17. Bringing threat modeling to your organization, 355 -- Chapter 18. Experimental approaches, 385 -- Chapter 19. Architecting for success, 407 -- Appendix A. Helpful tools, 421 -- Appendix B. Threat trees, 429 -- Appendix C. Attcker lists, 477 -- Appendix D. Elevation of privilege: The cards, 501 -- Appendix E. Case studies, 511 -- Glossary, 533 -- Bibliography, 543 -- Index, 567
Seguridad en computadores.
Redes de información.
QA 76 .9 .A25 / .S56 2014
Threat modeling : designing for security / Adam Shostack. - Indianapolis, IN : Wiley, 2014. - xxxiii, 590 páginas : ilustraciones, gráficas a blanco y negro ; 24 cm.
Material de apoyo del Departamento Seguridad Operativa.
Introduction, xxi -- Part I. getting started, 1 -- Chapter 1. Dive in and threat modell, 3 -- Chapter 2. Strategies for threat modeling, 29 -- Part II. Finding threats, 59 -- Chapter 3. Stride, 61 -- Chapter 4. Attack trees, 87 -- Chapter 5. Attack libraries, 101 -- 6. Privacy tools, 111 -- Part III. Managing and addressing threats, 123 -- Chapter 7. Processing and managing threats, 125 -- Chapter 8. Defensive tactics and technologies, 145 -- Chapter 9. Trade-offs when addressing threats, 167 -- Chapter 10. Validating that threats are addressed, 189 -- Chapter 11. Threat modeling tools, 203 -- Part IV. Threat modeling in technologies and tricky areas, 215 -- Chapter 12. Requirements cookbook, 217 -- Chapter 13. Web and cloud threats, 243 -- Chapter 14. Accounts and identity, 253 -- Chapter 15. Human factors and usability, 293 -- Chapter 16. Threats to cryptosystems, 333 -- Part V. Taking it to the next level, 353 -- Chater 17. Bringing threat modeling to your organization, 355 -- Chapter 18. Experimental approaches, 385 -- Chapter 19. Architecting for success, 407 -- Appendix A. Helpful tools, 421 -- Appendix B. Threat trees, 429 -- Appendix C. Attcker lists, 477 -- Appendix D. Elevation of privilege: The cards, 501 -- Appendix E. Case studies, 511 -- Glossary, 533 -- Bibliography, 543 -- Index, 567
Seguridad en computadores.
Redes de información.
QA 76 .9 .A25 / .S56 2014