In this webinar, we identify the top 10 architectural flaws, or risks, that threat modeling identifies. To give a sense of perspective, we classify where each of these flaws fits into the STRIDE framework. STRIDE is a mnemonic for identifying security threats: Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service and Elevation of Privilege.
For each flaw we detail its technical impact, and where possible, point out the business implications as well. Also, where possible, we try to offer an estimate for the magnitude of the challenge of protecting against a particular flaw, circumstances under which the flaw tends to occur and some examples of the flaw.
It’s easy to get a false sense of security when it comes to security, and this webinar is a starting point on where to look for architectural flaws, especially when the architecture changes. Because at the end of the day, threat modeling is a mental exercise in thinking through what your adversary is going to do. Hopefully this webinar prepares you in that regard.