With the release of 2014’s Threat Modeling: Designing for Security, renowned threat modeling expert Adam Shostack looks not only to introduce software developers and security professionals to this now essential information security skill, but also to provide helpful lessons and tips for identifying, preparing for and preventing potential security threats well into the future.
Through Threat Modeling: Designing for Security, Adam Shostack aims to:
• Provide software and security developers an easy, accessible how-to guide for designing more secure systems and products.
• Show security professionals how to threat model – as well as to provide an exploration of various threat modeling approaches, such as software-centric, attacker-centric and asset-centric.
• Provide actionable advice that isn’t tethered to any specific programming language, operating system or software.
Threat Modeling: Design for Security is the only information security book to be selected as a finalist for the Dr. Dobbs Joly Award since Secrets and Lies and Applied Cryptography.