Supplemental for Threat Modeling: Designing for Security

Table of Contents for Threat Modeling: Designing for Security

Part I: Getting Started

1.   Dive in and Threat Model
2.   Strategies for Threat Modeling

Part II: Finding Threats

3.   STRIDE
4.   Attack Trees
5.   Attack Libraries
6.   Privacy Tools

Part III: Managing and Addressing Threats

7.   Processing and Managing Threats
8.   Defensive Tactics and Technologies
9.   Trade-Offs When Addressing Threats
10.   Validating That Threats Are Addressed
11.   Threat Modeling Tools

Part IV: Threat Modeling in Technologies and Tricky Areas

12.   Requirements Cookbook
13.   Web and Cloud Threats
14.   Accounts and Identity
15.   Human Factors and Usability
16.   Threats to Cryptosystems

Part V: Taking It to the Next Level

17.   Bringing Threat Modeling to Your Organization
18.   Experimental Approaches
19.   Architecting for Success

Appendices

1.   Helpful Tools
2.   Threat Trees
3.   Attacker Lists
4.   Elevation of Privilege : The Cards
5.   Case Studies

Errata for Threat Modeling: Designing for Security

•   Andy Steingrubel's name is mis-spelled (page vii)
•   The first list on page 10 is mis-ordered
•   On page 12, "vertebrae" should read "vertebrate."
•   On page 134/135, tables 7.4 and 7.5 should each open with "threat type," rather than "threat".
•   On page 154, under "Operational Assurance of Confidentiality" The last sentence, "With regard to a network, it may be possible to use SSH or SSL tunneling or IPSec to address network tampering issues." should read: "With regard to a network, it may be possible to use SSH or SSL tunneling or IPSec to address network confidentiality issues."
•   Phil Zimmermann's name is consistently misspelled.
•   On page 225, the second item of the first list should read "We will detect 75 precent of attacks of type X within time Y, and 50 percent of the remainder within Z."
•   On page 485, there is a reference to sync floods, which is SYN, fully misspelled.
•   On this page, errata was mis-spelled.
•   On page 14 and elsewhere, IPsec is listed as addressing spoofing of a network address. Properly, that's a function of IKE. (Added June 2018)
•   On page xxx of the introduction, the word "influence" should be removed from the phrase "Platforms and API influence may offer security features" (Added June, 2018)
•   On page 4, the Elevation of Privilege link is broken. Good resources are above. (August, 2018)
•   On page 6, it should read 'Many people will treat the terms as interchangeable.' (January, 2019)

Errata last updated: June 25, 2018