ianonymous3000 , to Cybersecurity
@ianonymous3000@mastodon.social avatar

📚 Just completed the 'Basics of Personal Threat Modeling' course by @privacyguides 🛡️

Threat modeling is crucial because it helps identify and prioritize the most probable security and privacy risks. It enables focused resource allocation, tailored defenses, and heightened awareness.

Check it out: https://learn.privacyguides.org

image/png

outwitplaylist , to Random stuff
@outwitplaylist@infosec.exchange avatar

Are there formalized approaches to threat modeling? Something like a standardized online questionnaire, am multiple choice test that will ask someone what they are actually worried about and automatically generate them a manual of best practices that will render those threats reasonably improbable.

shellsharks ,
@shellsharks@infosec.exchange avatar

@outwitplaylist LOTS of published methodologies on out there. I've scoured the interwebs and made a long writeup on just about all of them here https://shellsharks.com/threat-modeling. Some are more "prescriptive" and recipe-based while others leave room for interpretation. Some go to great lengths for you to inventory assets, data, oerceived threats, etc... take a look and let me know what you think. Happy o discuss more too since I did do a fair bit of research on it.

SheHacksPurple , to Random stuff
@SheHacksPurple@infosec.exchange avatar

🎉 Level Up Your Threat Modeling Skills with me and @adamshostack! 🚀

Are you ready to master threat modeling? Join us for the "Maturing Your Threat Modeling Skills" @semgrep Community virtual event Jan 25, 9:00 am PT.

https://semgrep.dev/events/maturing-your-threat-modeling-skills/

SheHacksPurple , to Random stuff
@SheHacksPurple@infosec.exchange avatar

It’s !!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!

shellsharks ,
@shellsharks@infosec.exchange avatar

@frijolito @SheHacksPurple If it helps, here’s a guide I made for you could apply to your project. https://shellsharks.com/threat-modeling. Feel free to reach out further if interested!

hacksilon , to Random stuff
@hacksilon@infosec.exchange avatar

Hi, I'm Max 👋​. I work as a security specialist for iteratec, a German software company. My focus is on threat modeling, some light pentesting, and secure architectures, but I also love learning about bug bounty techniques, static code analysis, cryptography (the kind without the chains), and other security topics.

As part of my job, I'm also contributing to the OWASP secureCodeBox, an Open Source security scanner orchestration engine maintained by iteratec: https://github.com/securecodebox/securecodebox

I occasionally write about interesting bugs I encounter as part of my work. You can find my long-form writing on my blog: https://blog.maass.xyz/

Before moving to industry, I was a PhD student at @seemoo, where my research focus was on online security, privacy, and how to notify system operators about misconfigured and insecure systems. You can find my papers online, for free: https://scholar.google.com/citations?user=_InDEEgAAAAJ&hl=en

Looking forward to meeting all of you!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Mordhau
  • WatchParties
  • Rutgers
  • steinbach
  • Lexington
  • cragsand
  • mead
  • RetroGamingNetwork
  • mauerstrassenwetten
  • loren
  • xyz
  • PowerRangers
  • AnarchoCapitalism
  • kamenrider
  • supersentai
  • itdept
  • neondivide
  • space_engine
  • AgeRegression
  • WarhammerFantasy
  • Teensy
  • learnviet
  • bjj
  • khanate
  • electropalaeography
  • MidnightClan
  • jeremy
  • fandic
  • All magazines
    •