Security Threat Modelling / Analysis - using STRIDE - useful for CISSP certification #cybersecurity

This video provide an introduction to the theory behind threat modelling and analysis using the STRIDE categorization scheme. It provides a way to identify threats to software you are developing yourself as well as off-the-shelf software products. This is one of the things you need to know if you are planning to gain CISSP cybersecurity certification. The video talks about the theory on creating a data flow diagram, and how the analysis is then applied. In a future video I plan to create another video with a practical example of how to apply STRIDE analysis to an open source software projects. The 6 steps to STRIDE are: Spoofing Tampering Repudiation Information Disclosure Denial of Service DoS Elevation of privilege For more details see: http://www.penguinfortress.com/securi... Chapters: 00:00 Threat modelling / analysis 00:15 Why threat modelling 01:15 Threat modelling and software lifecycle 02:05 Identifying threats 02:50 Stride mnemonic 06:21 Data Flow Diagram 06:42 Microsoft Threat Analysis tool 07:08 Summary

Join Today
Cybersecurity STRIDE working example threat analysis
▶︎

Cybersecurity STRIDE working example threat analysis

STRIDE Threat Modeling for Beginners - In 20 Minutes
▶︎

STRIDE Threat Modeling for Beginners - In 20 Minutes

CISSP Threat Modeling Explained: STRIDE, DREAD, PASTA, VAST
▶︎

CISSP Threat Modeling Explained: STRIDE, DREAD, PASTA, VAST

1. Introduction, Threat Models
▶︎

1. Introduction, Threat Models

PASTA Threat Modeling vs STRIDE: How Are They Different?
▶︎

PASTA Threat Modeling vs STRIDE: How Are They Different?

AWS Summit ANZ 2021 - How to approach threat modelling
▶︎

AWS Summit ANZ 2021 - How to approach threat modelling

What are the 7 Stages of PASTA Threat Modeling Framework?
▶︎

What are the 7 Stages of PASTA Threat Modeling Framework?

Introduction to Threat Modelling with STRIDE
▶︎

Introduction to Threat Modelling with STRIDE

Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)
▶︎

Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)

DREAD Methodology
▶︎

DREAD Methodology

How to do Real World Threat Modeling
▶︎

How to do Real World Threat Modeling

What is Threat Modeling and Why Is It Important?
▶︎

What is Threat Modeling and Why Is It Important?

How to Pass the CISSP Exam Like a Pro: Your Complete Strategy Guide | Destination Certification
▶︎

How to Pass the CISSP Exam Like a Pro: Your Complete Strategy Guide | Destination Certification

April 2026: Why your CISSP plan may have just changed
▶︎

April 2026: Why your CISSP plan may have just changed

Cybersecurity Threat Hunting Explained
▶︎

Cybersecurity Threat Hunting Explained

An Introduction to the Diamond Model of Intrusion Analysis by it's Co-Author Sergio Caltagirone
▶︎

An Introduction to the Diamond Model of Intrusion Analysis by it's Co-Author Sergio Caltagirone

Trump Attends NBA Finals, Cries Election Fraud in California & Storms Out of Interview
▶︎

Trump Attends NBA Finals, Cries Election Fraud in California & Storms Out of Interview

Threat Modeling Explained| How to implement threat modeling| Pros and Cons of Threat Modeling Method
▶︎

Threat Modeling Explained| How to implement threat modeling| Pros and Cons of Threat Modeling Method

Threat Modeling Frameworks for Information Security Analysts | Threats and Attack Vectors
▶︎

Threat Modeling Frameworks for Information Security Analysts | Threats and Attack Vectors

Why you will pass the CISSP
▶︎

Why you will pass the CISSP