Threat Modeling: Information Disclosure in Depth

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 0h 29m | 124 MB

STRIDE is a popular threat modeling framework that helps security pros and software developers think strategically about risk. This course addresses the I in STRIDE, which stands for information disclosure. You can learn how to preserve the confidentiality of the data, secrets, and other information you store, and the policies you need to put into place to share that information safely. Topics include classic models such as data at rest and data in motion as well as information disclosure in processes and information disclosure in certain technologies such as cloud, Internet of Things and mobile, and AI and machine learning. Expert Adam Shostack also reviews the side effects of computation, the physical effects of CPUs, and the defenses you can put into place at your organization to manage metadata, secrets, and other sensitive information.

Topics include:

  • Authorized access
  • Metadata in motion
  • Intentional disclosure
  • Side effects of disclosure
  • Disclosure in the cloud
  • Cryptography and other defenses

Table of Contents

1 Allow me to disclose something
2 Four-question framework
3 Information disclosure as a part of STRIDE
4 Authorized access
5 Physical layer
6 Metadata
7 Encrypted and unencrypted
8 Metadata in motion
9 Non-internet data
10 Intentional disclosure
11 Metadata and security
12 Radios: Intentional and accidental
13 Timing
14 Interpretation
15 Cloud
16 IoT and mobile
17 AI and machine learning
18 Metadata management
19 Secrets and secrets management
20 Cryptography
21 Next steps