STRIDE Threat Modeling using Microsoft Threat Modeling Tool
56,046
Published 2021-03-03
This video is part of the computer/information/cyber security and ethical hacking lecture series; by Z. Cliffe Schreuders at Leeds Beckett University. Laboratory work sheets, slides, and other open educational resources are available at z.cliffe.schreuders.org/.
The slides themselves are creative commons licensed CC-BY-SA, and images used are licensed as individually attributed.
All Comments (13)
-
this channel is soo underrated. I'm gonna share it with my class colleagues, YOU SIR SAVED MY LIFE.
-
Awesome video explaining core concepts with simple examples. Thank you!
-
Appreciate it. I just wanted to see someone else using the software.
-
great tutorial, thanks
-
hello, Please do you think this software is always accurate (specifically for iot threat modeling) ? and which is better using this software or manually collecting relevant threats and mitigations from standard libraries ? I'm new to this topic I'd love to hear your opinions / experiences . thanks
-
great video! question: what is an easy way to spot vulnerabilities by looking at the treat property screen? is that the title? For instance, "weak credential storage" that is pretty easy to determine it as vulnerability and the threat would be someone (hacker) tampering with such information. But in the case of the title "elevation by changing the execution flow /etc/passwd" what would be the vulnerability?
-
Thanks!
-
Hi @ZCliffeSchreuders, how can I add a missing element to the application. I do not have the Human User element and need it
-
How can one open .tm7 file from OneDrive/Sharepoint? Documentation says it is possible, but there is no UI to do it.
-
what tool do you use sir?
-
Do you believe that STRIDE is the most efficient threat modeling framework? The framework seems a little vague to me, even though I know that large corporations use it, I even work in one... Apart from the fact that the tool contains some bugs, it lacks stencils for the real world, I would rate it as 4/10 the framework and the tool, that's being generous. but your video is great :D
-
dont know what you are trying to do....training should be giving step by wise properly and planned...