Unit 3: Introduction to Threat Modelling and Management

This unit discussed various approaches to threat modelling, including STRIDE, DREAD, Attack Trees, and PASTA. We also explored guides and cookbooks to aid in framework selection.

Key Concepts Covered

  • Threat vs. Vulnerability: Understanding the distinction between these two concepts.
  • Threat Modelling Techniques: Overview of STRIDE, DREAD, Attack Trees, and PASTA.
  • Guides and Cookbooks: Resources to assist in choosing and applying threat modelling frameworks.

The seminar provided practical insights into threat modelling techniques and their application in real-world scenarios. To the right is the reflective piece with the artefacts linked on this unit:

Reflection on Unit 3

This unit introduced me to various threat modelling techniques, enhancing my ability to identify and manage threats effectively. Understanding the differences between threats and vulnerabilities was crucial in selecting the appropriate threat modelling approach. The recommended readings, especially Shevchenko et al. (2018) and Shostack et al. (2020), were instrumental in helping me choose the STRIDE framework for assignment 6. The seminar discussions highlighted the practical application of these techniques, which is essential for my future role as a security professional.