To main content

Threat Modeling in Modern Software Development

Abstract

Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat modeling will allow you to focus on the most important areas first. There is no one single “correct” way of doing threat modeling, and “agile” is no excuse for not doing it. This chapter describes the authors' experiences with doing threat modeling with agile development organizations, outlining challenges to be faced and pitfalls to be avoided.

Category

Academic chapter

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security

Year

2019

Publisher

IGI Global

Book

Exploring Security in Software Architecture and Design

ISBN

9781522563136

View this publication at Norwegian Research Information Repository