Threat Simulation & Modeling Training - PowerPoint PPT Presentation
Title:
Threat Simulation & Modeling Training
Description:
Threat Simulation & Modeling Training. Threat Simulation and Modeling Training – PowerPoint PPT presentation
Number of Views:148
Title: Threat Simulation & Modeling Training
1
Cyber Security Training Threat Simulation
Modeling Training
Call Us Today 1-972-665-9786 https//www.tonex.c
om/training-courses/threat-simulation-and-modeling
-training/
TAKE THIS COURSE
Since 1993, Tonex has specialized in providing
industry-leading training, courses, seminars,
workshops, and consulting services. Fortune 500
companies certified.
2
(No Transcript)
3
- Audience
- Course designed for
- IT professionals
- Executives and managers of cybersecurity and
threat modeling area - Information technology professionals, web
engineers, security analysts - Security operation personnel, network
administrators, system integrators - Security traders to understand the threat
modeling techniques - Investors and contractors who plan to make
investments in cybersecurity - Technicians, operators, and maintenance personnel
- Managers, accountants, and executives of
cybersecurity industry. - Price 1,699.00 Length 2 Days
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
4
Threat simulation and modeling training shows you
the different sorts of threat modeling procedures
and causes you to apply threat modeling as a
propelled preventive type of security. By
taking the threat simulation and modeling
training by TONEX, you will learn about the main
concepts in threat modeling, application threats,
software development life cycle (SDLC), and
common types of threats. TONEX as a pioneer in
security industry for over 15 years is currently
reporting the threat simulation and modeling
training which causes you to perceive
philosophies, devices and case studies of
fruitful threat modeling method.
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
5
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
6
Threat Simulation and Modeling Training course
covers a variety of topics in cybersecurity area
such as process for attack simulation and threat
analysis (PASTA), PASTA steps, common attack
patter enumeration and classification
(CAPEC), threat modeling with SDLC, and existing
threat modeling approaches. Moreover, you will
be introduced to threat analysis, weakens and
vulnerability analysis, attack modeling and
simulation, and residual risk analysis and
management. Threat simulation and modeling
training course introduces different techniques
of threat modeling which you may apply to your
own products to ensure the security, or develop
more secure environment for your software
product.
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
7
- Learn About
- PASTA, objectives of risk analysis, risk centric
threat modeling, and weakness and vulnerability
analysis basics. - Common attack pattern enumeration such as HTTP
response splitting, SQL injection, XSS strings,
phishing, buffer overflow, authentication
protocol attacks or even cache poisoning. - Threat analysis approaches and principles to give
you the step by step straight forward methodology
to conduct the threat modeling and analysis.
Moreover, a detailed introduction of existing
threat modeling approaches are included in the
course. Examples of such approaches can be CVSS,
CERT, DREAD, and SDL threat modeling.
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
8
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
9
Who Can Benefit from Threat Simulation and
Modeling Training If you are an IT professional
who specialize in computer security, you will
benefit the presentations, examples, case
studies, discussions, and individual activities
upon the completion of threat simulation and
modeling training and will prepare yourself for
your career. Threat Simulation and Modeling
Training Features Threat simulation and
modeling training will introduce a set of labs,
workshops and group activities of real world case
studies in order to prepare you to tackle all the
related computer threat challenges. Our
instructors at TONEX will help you to understand
the step by step procedure for attack simulation
and modeling such as enumerating the attack
vector, assessing the probability of attacks,
attack driven security tests or attack library
update.
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
10
- Audience
- The threat simulation and modeling training is a
2-day course designed for - IT professionals in the area of information
security and cybersecurity - Executives and managers of cybersecurity and
threat modeling area - Information technology professionals, web
engineers, security analysts, policy analysts - Security operation personnel, network
administrators, system integrators and security
consultants - Security traders to understand the threat
modeling techniques - Investors and contractors who plan to make
investments in cybersecurity industry. - Technicians, operators, and maintenance personnel
who are or will be working on threat modeling
projects - Managers, accountants, and executives of
cybersecurity industry.
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
11
- Training Objectives
- Upon completion of threat simulation and modeling
training course, the attendees are able to - Identify the goals of threat modeling
- Recognize the tools for threat modeling
- Identifying the step by step procedure for threat
modeling and simulation - Describe different types of threats in threat
analysis techniques - Identify the existing threat modeling approaches
and procedures - Understand common attack pattern enumeration and
classification - Describe the process for attack simulation and
threat analysis - Conduct threat modeling and simulation techniques
for real world problems
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
12
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
13
- Training Outline
- Threat simulation and modeling training course
consists of the following lessons, which can be
revised and tailored to the clients need - Threat Modeling Overview
- Introduction to Process for Attack Simulation and
Threat Analysis (PASTA) - Process for Attack Simulation and Threat Analysis
- Common Attack Pattern Enumeration and
Classification (CAPEC) - Threat Modeling within SDLC
- Existing Threat Modeling Approaches
- Threat Analysis
- Weakness and Vulnerability Analysis
- Attack Modeling and Simulation
- Residual Risk Analysis and Management
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
14
- Threat Modeling Overview
- Definition of Threat Modeling
- Assets, Threats, and Vulnerabilities
- Software Implementation, Real and Perfect World
- Network Threats
- Host Threats
- Application Threats
- Software Development Life Cycle (SDLC)
- Threat Modeling Steps
- Categorizing Threats with STRIDE
- Spoofing Identity
- Tampering with Data
- Repudiation
- Information disclosure
- Denial of Service
- Elevation of Privilege
- Difference between Threat and Vulnerability
- DREAD and Integration Testing
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
15
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
16
- Introduction to Process for Attack Simulation and
Threat Analysis (PASTA) - Objectives of Risk Analysis
- Obtaining the Business Requirements
- Defining Data Protection Requirements
- Privacy Laws
- Initial Risk Profile
- Risk Management Objectives
- Risk Centric Threat Modeling
- Inherent Challenges to Threat Modeling
- Input/output for PASTA Process
- Definition of the Technical Scope (DTS)
- Application Decomposition and Analysis (ADA)
- Threat Analysis
- Weakness and Vulnerability Analysis (WVA)
- Attack Modeling and Simulation
- Risk Analysis and Management
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
17
- Process for Attack Simulation and Threat
Analysis - Use Cases from Business Objectives
- Converging Security, Compliance and Privacy
- PASTA Objective Hierarchy
- Compliance and Business Impact
- Inherent Risk
- Integration Opportunities of PASTA
- Enumerate Software Components
- Identify Actors and Data Sources/sinks
- Enumerate System-level Services
- Enumerate Third Party Infrastructure
- Assert Completeness of Secure Technical Design
- Procurements Impact
- Enumerate Application Use Cases
- Data Flow Diagram (DFD) of Identified Components
- Security Functional Analysis
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
18
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
19
- Common Attack Pattern Enumeration and
Classification (CAPEC) - HTTP Response Splitting
- SQL Injection
- XSS in HTTP Query Strings
- Session Fixation
- Phishing
- Filter Failure Through Buffer Over Flow
- Removing Guard Logic
- Lifting Embedded Data
- Subvert Code Facilities
- Reflection Attack in Authentication Protocol
- Web Server Misclassification
- Forced Deadlock
- Cache Poisoning
- Restful Privilege Escalation
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
20
- Threat Modeling within SDLC
- Identifying Assets
- Architecture Overview
- Application Decomposition
- Threat Identification
- Threat Documentation
- Threat Rating
- Damage Potential
- Reproducibility
- Exploitability
- Affected Users
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
21
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
22
- Existing Threat Modeling Approaches
- Security Centric Approach
- Security Centric Threat Models for Complex
Attacks - STRIDE
- STRIDE Threat Categorization Table
- Common Vulnerability Scoring System (CVSS)
- Computer Emergency Response Team (CERT)
- Common Attack Pattern Enumeration and
Classification (CAPEC) - Risk Based Approach in Threat Modeling
- DREAD
- Threat Analysis and Modeling (TAM) Threat
Modeling Tool - SDL Threat Modeling
- Trike Methodology
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
23
- Threat Analysis
- Credible Source of Threat Data
- Leverage Internal Sources of Data
- Enumerate Likely Threat Agents
- Threat Likelihood Value
- Analyzing Overall Threat Scenario
- Threat Intelligence Gathering from Internal
Source - Threat Intelligence Gathering from External
Source - Threat Library Update
- Threat Agents to Asset Mapping
- Probabilistic Value Around Identified Threats
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
24
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
25
- Weakness and Vulnerability Analysis
- Correlating the Existing Vulnerability Data
- Identifying Weak Design Patterns
- Map Threats to Vulnerabilities
- Contextual Risk Analysis
- Targeted Vulnerability Testing
- Attack Modeling and Simulation
- Possible Attack Scenarios
- Attack Library Update
- Attack Surface Update
- Enumerating the Attack Vectors
- Assessing the Probability of Attacks
- Derive a Set of Cases to Test Existing
Countermeasures - Conduct Attack Driven Security Tests
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
26
- Residual Risk Analysis and Management
- Risk Assessment
- Internal/external Threat Data
- Viability of Attacks
- Identifying countermeasures
- Residual Risk Calculation
- Severity Rating
- Probability Coefficient
- Number of countermeasures
- Strategies to Risk Management
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
27
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
28
- Hands On, Workshops, and Group Activities
- Labs
- Workshops
- Group Activities
- Sample Workshops and Labs for threat simulation
and modeling Training - Threat Modeling Hands On
- Microsoft Threat Analysis and Modeling Tool
Overview - Generating Threat Models
- Generating Threat Model Diagram
- Threat Analysis Case Study
- PASTA Procedure Step by Step Case Study
- DREAD Threat Modeling Case
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
TAKE THIS COURSE
29
TONEX TRAINING Threat Simulation
Modeling Training Call Us Today
1-972-665-9786
2 Days Course
TAKE THIS COURSE
Threat Simulation and Modeling Training https//ww
w.tonex.com/training-courses/threat-simulation-and
-modeling-training/
30
Cybersecurity Training Seminars
Cybersecurity used to be thought of as a
specialized, niche occupation. But with the
advance of cybercrimes over the past few years,
just about everyone with access to a laptop,
desktop or mobile device has had to do something
to protect their electronic data. Cybersecurity
Foundation Iot Security Risk Management Framework
Training Wireless Security Training https//www.t
onex.com/cybersecurity-training-seminars/
31
(No Transcript)
32
Threat Simulation and Modeling Training
https//www.tonex.com/training-courses/threat-simu
lation-and-modeling-training/
TAKE THIS COURSE
33
(No Transcript)
Recommended
CrystalGraphics Presentations
