Learning Threat Modeling for Security Professionals
The course went over threat modeling (STRIDE), strategy, potential threats, and vulnerability. Additionally, there are scenarios such as DDOS attack, spoofing servers, and methods to mitigate. Methods of mitigation that were mentioned were captcha, delay the time they can enter password again, use two factor authentication, and track the username that is constantly attempting to login. When designing a website for a company, considering these potential threat and implement methods to mitigate reduces the financial cost of security by reducing in-valid entries. These methods can also be used during classwork when considering web security.