From the course: A Bug Bounty Toolkit for Security Researchers
Join today to access over 24,800 courses taught by industry experts.
Threat modeling fundamentals
From the course: A Bug Bounty Toolkit for Security Researchers
Threat modeling fundamentals
- [Instructor] Threat modeling is a structured approach to identifying and assessing potential security threats and vulnerabilities in a system. So let's explore some key concepts and methodology for threat modeling. The first one is identifying assets. Assets are valuable components of a system that needs protection, such as data, software, hardware, network, and cloud resources. For example, in application assets might include user data, payment information, database, and the web server itself. Identifying these assets helps you understand what's needs protection and where to focus your security efforts. Next is identifying threats. Threats are potential events or action that could harm your assets. They can come in various form, including external attackers, insider threat, or natural disaster. For instance, an external attacker might try to steal user data through a SQL injection vulnerability. The threat here is loss of user data or data exfiltration by exploiting SQL injection…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.