From the course: Threat Modeling: Repudiation in Depth

Four-question framework

From the course: Threat Modeling: Repudiation in Depth

Start my 1-month free trial

Four-question framework

- At the heart of threat modeling are four incredibly simple questions. What are we working on? What can go wrong? What are we going to do about it? And did we do a good job? These questions act as guideposts as you're reflecting on your work. If you're not sure why you're doing what you're doing, tie that work to one of the questions. In this course, I'll be digging deep into details around what can go wrong and what are we going to do about it through the lens of spoofing and authenticity. Spoofing is a broad threat. I can spoof computers, people, or files. The mechanisms are quite different as I do, but all involve breaking authentication. Looking at these four questions through a spoofing lens is part of the systematic, structured, and comprehensive approach to security that your customers deserve.

Contents