STRIDE Threat Modeling using Microsoft Threat Modeling Tool

56,046

379 0

Published 2021-03-03

The separate Threat Modeling video has more detail of the actual process of using STRIDE to identify threats, this video provides a walk through and demo.

This video is part of the computer/information/cyber security and ethical hacking lecture series; by Z. Cliffe Schreuders at Leeds Beckett University. Laboratory work sheets, slides, and other open educational resources are available at z.cliffe.schreuders.org/.

The slides themselves are creative commons licensed CC-BY-SA, and images used are licensed as individually attributed.

All Comments (13)

@touficjammoul4482 2 years ago

this channel is soo underrated. I'm gonna share it with my class colleagues, YOU SIR SAVED MY LIFE.
@EasySecurity 2 years ago

Awesome video explaining core concepts with simple examples. Thank you!
@philn6350 2 years ago

Appreciate it. I just wanted to see someone else using the software.
@user-yf9zm3wo4n 2 years ago

great tutorial, thanks
@lynd6121 1 year ago

hello, Please do you think this software is always accurate (specifically for iot threat modeling) ? and which is better using this software or manually collecting relevant threats and mitigations from standard libraries ? I'm new to this topic I'd love to hear your opinions / experiences . thanks
@rumildaolik4905 1 year ago

great video! question: what is an easy way to spot vulnerabilities by looking at the treat property screen? is that the title? For instance, "weak credential storage" that is pretty easy to determine it as vulnerability and the threat would be someone (hacker) tampering with such information. But in the case of the title "elevation by changing the execution flow /etc/passwd" what would be the vulnerability?
@jiadingguo9603 3 years ago

Thanks!
@hlalanathimadotyeni2253 1 year ago

Hi @ZCliffeSchreuders, how can I add a missing element to the application. I do not have the Human User element and need it
@gnidarada 2 years ago

How can one open .tm7 file from OneDrive/Sharepoint? Documentation says it is possible, but there is no UI to do it.
@alexman340 2 years ago

what tool do you use sir?
@lucassilva-qk4iw 6 months ago

Do you believe that STRIDE is the most efficient threat modeling framework? The framework seems a little vague to me, even though I know that large corporations use it, I even work in one... Apart from the fact that the tool contains some bugs, it lacks stencils for the real world, I would rate it as 4/10 the framework and the tool, that's being generous. but your video is great :D
@adityabhatnagar7210 2 years ago

dont know what you are trying to do....training should be giving step by wise properly and planned...