Skip to main content

Links for Talk: “Threat Modeling in 2021”

General Links

Introductory threat modeling resources
Tools: MS TM Tool, Tutamen, Irius Risk
Repudiation: GPS spoofing
Seeds in the mail and why
Information disclosure: New York Times, Tesla
Kill chains: unifiedkillchain.com
MITRE Att&ck
Machine learning: Microsoft 1, Microsoft 2, my comments on the Microsoft approaches Berryville Institute of Machine Learning, my analysis.
Conflict modeling: my conflict modeling site at github.
Threat Modeling: Designing for Security (my book)
Some of my other threat modeling talks on youtube
My blog, with lots of threat modeling content
The OWASP slack, which has an active #threatmodeling channel

Additional Links for the ASRG talk (September 2020)

This version of the talk was customized for the Automotive Security Research Group, and additional resources for that audience include:

Ross Anderson at 36c3, cars are covered about 36 min in, but the whole talk is worthwhile
Safety First for Automated Driving paper
UN Regulations on Cybersecurity and Software Updates to pave the way for mass roll out of connected vehicles
UL 4600
SAE J3061

Our site works best with Javascript enabled, however we have done our best to minimize any negative impacts to your experience without it.