Practical Software Attack Modeling
FREE video series covering essentials steps for securing any software.
" I have had the privilege of teaching secure software design across three continents―North America, Africa, and Europe ― and i'm often asked... how did you get into software security? My answer, years ago as I deployed a startup app that I and my boss had sweated on, it was hacked. Instead of the press carrying the news of the launch as we had planned, they carried the news of the hack. Since then, I learnt the steps below, apply them to all software I build, and teach them to any who will listen"
​
- Damilare, Founder of Resilient Software & Creator of Practical Software Attack Modeling
FREE VIDEO SERIES
Software threat or attack modeling is the time-tested art and science of identifying what is required to bring any software system to a desired secure state.
In this series we tackle the major steps you must follow to secure any software architecture and deliver a product that's #SecureByDesign.
You can access all the videos by using the player next to this intro or you can go straight to the individual videos below.
Practical Software Attack Modeling
1. What must you protect?
In this video we discover how to analyze our software systems to identify the prized security jewels that we must protect.
We learn about two types of those jewels, the obvious ones that most people know, and the not so obvious ones that many people miss.
Identify Cybersecurity Jewels or Assets
2. How might attackers enter?
Any software is like a castle. They are only attacked via the existing entry proints.
Learn how to discover and protect the entry points in your software system.
Know Your Attack Surface
3. Demistifying "Vulnerability".
The word "vulnerability" is the post popular word in cybersecurity.
But what exactly does vulnerability mean? And how can a clear knowledge of that, help us to design security into our systems?
Watch to find out.
What's a Vulnerability Anyways?
4. What threats are relevant to your SW?
In software, we can consider threats (or danger) to be anything that negatively affects the confidentiality, integrity, or availability of the software or the data it stores.
​
Learn how to confidently identify potential threats to your software system, considering factors like your assets and entry points.
Understanding Software Threats
​5. How can you prioritize risk?
No company has unlimited resources. You are constrained by time, money, and personnel.
In this video, we learn how to assess and priotize business risk for a software system, so that you can make smart decisisons about where and when to invest.
Assessing Software Risk
6. Harden your software.
This is where the rubber meets the road.
​
Learn how to use the insight gathered from previous steps, to derive security mitigations that will harden your software and protect your customers.
