Threat modeling is one of the most essential--and most misunderstood--parts of the development lifecycle. Whether you're a security practitioner or a member of a development team, this book will help you gain a better understanding of how you can apply core threat modeling concepts to your practice to protect your systems against threats.

Contrary to popular belief, threat modeling doesn't require advanced security knowledge to initiate or a Herculean effort to sustain. But it is critical for spotting and addressing potential concerns in a cost-effective way before the code's written--and before it's too late to find a solution. Authors Izar Tarandach and Matthew Coles walk you through various ways to approach and execute threat modeling in your organization.

• Explore fundamental properties and mechanisms for securing data and system functionality
• Understand the relationship between security, privacy, and safety
• Identify key characteristics for assessing system security
• Get an in-depth review of popular and specialized techniques for modeling and analyzing your systems
• View the future of threat modeling and Agile development methodologies, including DevOps automation
• Find answers to frequently asked questions, including how to avoid common threat modeling pitfalls

Table of Contents

Chapter 1. Modeling Systems

Chapter 2. A Generalized Approach to Threat Modeling

Chapter 3. Threat Modeling Methodologies

Chapter 4. Automated Threat Modeling

Chapter 5. Continuous Threat Modeling

Chapter 6. Own Your Role as a Threat Modeling Champion

Appendix A. A Worked Example

About the Authors

Izar Tarandach is Lead Product Security Architect at Autodesk, Inc. Prior to this, he was the Security Architect for Enterprise Hybrid Cloud at Dell EMC, and before that he was a Security Consultant at the EMC Product Security Office. He is a core contributor to SAFECode and a founding contributor to the IEEE Center for Security Design. He holds a master's degree in Computer Science/Security from Boston University and has served as an instructor in Digital Forensics at Boston University and in Secure Development at the University of Oregon.

Matthew Coles is the product security leader at Bose Corporation, where he leverages over 15 years of product security and systems engineering experience to enable teams to build security into the products and personalized experiences Bose delivers to customers worldwide. Prior to that he was lead product security architect for analog devices, and consulting product security architect at EMC. He has been a technical contributor to community standard initiatives such as ISO 27034, CVSS version 3, and the CWE/SANS Top 25 project. He holds a master's in computer science from Worcester Polytechnic Institute, and has previously served as an instructor in software security practices at Northeastern University.