Git Product home page Git Product logo

rapid-threat-model-prototyping-docs's Introduction

Rapid Threat Model Prototyping (RTMP) documents

This repository stores content that can be used to design a Rapid Threat Model Prototyping (RTMP) process for a software development group. The repository will contain process documents and eventually helper code to implement the RTMP process.

RTMP is a threat modelling technique that decreases the time to make a threat model while also enabling the process to become more streamlined and effective. The methodology lends itself to automation and inclusion in an Agile or DevOps workflow.

All files are covered under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

You can find out more here

files

=====

  1. 18q08.aug.Rapid Threat Model Prototyping.pptx
    • original presentation of RTMP process
  2. 18x14.nov.3.Rapid Threat Model Prototyping - step by step.draw.io sample diagram.xml
    • sample draw.io diagram to test the process
  3. 18x14.nov.3.Rapid Threat Model Prototyping - step by step.pptx
    • Walkthrough presentation of RTMP process,showing the steps
  4. 18x26.Tutamen HOWTO-Rapid Threat Model Prototyping.docx
    • in-depth walkthrough document of RTMP process, going into detail, with examples
  5. 18x26.Tutamen HOWTO-Rapid Threat Model Prototyping.pdf
    • same document as the docx above, but in pdf format
  6. 19f31.jan.TRAINING - Threat Modeling Introduction and RTMP.pptx
    • this slide deck contains actual training which can be systematically followed
  7. 19k27.may.Rapid Threat Model Prototyping.pptx
    • This new deck was created for OWASP AppSec Global Summit 2019 in Tel Aviv. It has the latest version.
  8. 19h20.mar.mapping table - STRIDE-OT10-CWE-OPC-ASVS.xlsx
    • This sheet will help a team to map the STRIDE threats to other frameworks to either find more specific threats or to find mitigations. This enables a team to not have the burden of maintaining Threat and Security Mitigation libraries.These are now based on the standard OWASP mitigation libraries.
  9. 19m04.jun.INFEU18_Geoffrey Hill - Rapid Threat Model Prototyping _PPT_Tech_Talks.pptx
    • Infosecurity Europe presentation
  10. Kill Chain.pptx
  • This shows the attack kill chain

rapid-threat-model-prototyping-docs's People

Contributors

geoffrey-hill-tutamantic avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.