Threat Modeling Gamification for Fun and Profit – With Threat Dragon and EoP (Vlad Styran)
Автор: OWASP Kyiv
Загружено: 2021-03-06
Просмотров: 7407
Описание:
In this talk, Vlad Styran shows how the BSG (https://bsg.tech) team Threat Models during security testing projects to achieve the completeness of the scope of work. They use gamification to improve this process, and it is much less boring than you expect from a threat modeling session. They leverage OWASP Threat Dragon (https://owasp.org/www-project-threat-...) to create and export data flow diagrams, and the Elevation of Privilege online card game (https://github.com/dehydr8/elevation-...) to brainstorm relevant threats.
Slides: https://www.slideshare.net/sapran/thr...
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке: