Getting familiar with threat modeling concepts

Threat modeling is more or less associated with software development as an exercise that occurs after the software design phase but prior to software deployment. These exercises are known to take place in software development, system, network, and security teams upon major software releases by either drawing a full end-to-end data flow diagram or a data flow and network diagram to determine how to employ security controls and countermeasures. These drawings can be physically on a white board or via software tools such as Microsoft's free Threat Modeling Tool and web applications such as https://draw.io which have a number of template diagrams that can be used for a variety of purposes. The idea ...

Get IoT Penetration Testing Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.