Chapter 2. Using Threat Models for Security Testing

As demonstrated in the combination lock example in Chapter 1, it is important to really understand how something works to identify potential security issues. Threat modeling is a process that can be used to outline how a piece of software works, what the software interacts with, and how data enters and leaves the software or part of the software and to enumerate potential security threats. In the lock example, we discussed how ...

Get Hunting Security Bugs now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.