TY - BOOK AU - Shostack,Adam TI - Threat modeling : : designing for security / AV - QA 76 .9 .A25 .S56 2014 PY - 2014/// CY - Indianapolis, IN : PB - Wiley, KW - Seguridad en computadores KW - Redes de informaciĆ³n N1 - Material de apoyo del Departamento Seguridad Operativa; Introduction, xxi --; Part I. getting started, 1 --; Chapter 1. Dive in and threat modell, 3 --; Chapter 2. Strategies for threat modeling, 29 --; Part II. Finding threats, 59 --; Chapter 3. Stride, 61 --; Chapter 4. Attack trees, 87 --; Chapter 5. Attack libraries, 101 --; 6. Privacy tools, 111 --; Part III. Managing and addressing threats, 123 --; Chapter 7. Processing and managing threats, 125 --; Chapter 8. Defensive tactics and technologies, 145 --; Chapter 9. Trade-offs when addressing threats, 167 --; Chapter 10. Validating that threats are addressed, 189 --; Chapter 11. Threat modeling tools, 203 --; Part IV. Threat modeling in technologies and tricky areas, 215 --; Chapter 12. Requirements cookbook, 217 --; Chapter 13. Web and cloud threats, 243 --; Chapter 14. Accounts and identity, 253 --; Chapter 15. Human factors and usability, 293 --; Chapter 16. Threats to cryptosystems, 333 --; Part V. Taking it to the next level, 353 --; Chater 17. Bringing threat modeling to your organization, 355 --; Chapter 18. Experimental approaches, 385 --; Chapter 19. Architecting for success, 407 --; Appendix A. Helpful tools, 421 --; Appendix B. Threat trees, 429 --; Appendix C. Attcker lists, 477 --; Appendix D. Elevation of privilege: The cards, 501 --; Appendix E. Case studies, 511 --; Glossary, 533 --; Bibliography, 543 --; Index, 567 ER -