ramimac
commented
1 year ago - ● https://www.threatmodelingmanifesto.org/
- ● https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
- ● https://aws.amazon.com/blogs/security/how-to-approach-threat-modeling/
- ● https://about.gitlab.com/handbook/engineering/security/security-engineering-and-research/application-security/runbooks/threat-modeling.html
- ● https://web.archive.org/web/20140830230111/https://blogs.akamai.com/2013/11/so-you-want-to-secure-something.html
- ● https://r2c.dev/blog/2021/appsec-development-keeping-it-all-together-at-scale/
- ● https://staaldraad.github.io/post/2021-03-26-threat-modelling/
- ● https://increment.com/security/approachable-threat-modeling/
- ● https://about.gitlab.com/blog/2021/07/09/creating-a-threat-model-that-works-for-gitlab/
- ● https://segment.com/blog/redefining-threat-modeling/
- ● https://hitrustalliance.net/hitrust-threat-catalogue/
- ● https://safecode.org/wp-content/uploads/2017/05/SAFECode_TM_Whitepaper.pdf
- ● https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html
- ● https://about.gitlab.com/handbook/security/threat_modeling/howto.html
- ● web based questionnaire - https://github.com/slackhq/goSDL