From the course: Cloud Data, Platform, and Applications Security by Pearson
Join today to access over 25,200 courses taught by industry experts.
Software threat modeling methods
From the course: Cloud Data, Platform, and Applications Security by Pearson
Software threat modeling methods
Now, one thing I want to emphasize is the fact that you don't have to be a programmer or a software developer to pass this exam, by no means. In fact, I got my first CISSP in 2002, I let my cert lapse, and then retook the exam in 2016, and I've never been a software programmer. And you don't have to be either. I'm going to give you everything you need to know to make sure that you fulfill the application security domain. Now, when I took my exam, which was before the 2022 summer refresher update, Stride was critical to be aware of. However, in this lesson, there are other threat modeling techniques, and you have to be familiar with those for this exam. Now, Stride is a developer-focused threat modeling tool, basically focused on letting developers know the common security threats they'll deal with in the Windows design phase. So it's a methodology from Microsoft. It goes back to 2002, part of their trustworthy computing directive. The focus is to have applications meet security…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
(Locked)
Module introduction1m 25s
-
(Locked)
Learning objectives32s
-
(Locked)
Cloud application architecture elements10m 1s
-
(Locked)
Cloud development6m 9s
-
(Locked)
SDLC business requirements and phases8m 56s
-
(Locked)
Common software vulnerabilities5m 55s
-
(Locked)
Software threat modeling methods8m 53s
-
(Locked)
Secure coding methodologies5m 48s
-
(Locked)
Software configuration management and versioning4m 46s
-
(Locked)
-
-
-