[OWASP-Bangalore] Threat Modeling - Anyone working on it
npatil854 at gmail.com
Sun Jul 8 07:39:16 UTC 2018
There is Microsoft Threat modeling tool -
To start work community edition would be useful.
On Sat, Jul 7, 2018 at 10:31 AM Abhay Bhargav <abhaybhargav at gmail.com>
> I second Akash's recommendations.
> I'd also like to add the following:
> - https://www.owasp.org/images/a/aa/AppSecEU2012_PASTA.pdf => PASTA
> Threat Modeling Methodology
> => Similar Presentation on Threat Modeling
> - I'd recommend some work done by Continuum Security as well.
> - I have been extensively involved with both attack and defensive
> threat modeling, specifically around automation and integrating it into
> AGILE/SCRUM like environments. Here's an article:
> - A tool that we have authored (open source) that expounds and adds
> on to these concepts, called ThreatPlaybook:
> On Fri, Jul 6, 2018 at 8:42 PM Akash <akashmahajan at gmail.com> wrote:
>> An excellent place to start with Threat Modelling is to look at
>> Adam Shostack (Author of the best book on Threat Modeling) himself is
>> part of the sub reddit.
>> If you are looking at a light weigh way to get started with Data Flow
>> Diagrams consider using OWASP Threat Dragon to create those and enumerate
>> the risks.
>> Also I am keenly awaiting more documentation or video from this
>> particular talk at the recently concluded OWASP Summit.
>> On 5 July 2018 at 08:48, cyber research <001.appsec.007 at gmail.com> wrote:
>>> Hi Folks,
>>> Good Morning!
>>> Is there anyone working on *Threat Modeling* ?? If Yes could you please
>>> share/ help me with resources if any like example prototypes / blogs
>>> /tutorials etc..
>>> Could you please ping here then i will reach you in your availability.
>>> Thanks & Regards,
>>> [email protected]!001
>>> OWASP-Bangalore mailing list
>>> OWASP-Bangalore at lists.owasp.org
>>> Twitter : @owaspbangalore
>> Warm regards,
>> Akash Mahajan
>> *That Web Application Security Guy* | +91 99 805 271 82
>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>> *OWASP Bangalore Chapter Lead | null Community Manager*
>> OWASP-Bangalore mailing list
>> OWASP-Bangalore at lists.owasp.org
>> Twitter : @owaspbangalore
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> Twitter : @owaspbangalore
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Bangalore