Hi,VerSprite.I have whatched you full video,and thank you so much for sharing this video! I wanna know if I could make a DFD diagram for a workflow which involves kinds of solftware,and then creating a Threat Model? I am looking foward to your answer~Thanks so much!
Yes, DFD is one of the most important steps in Stage 3 PASTA threat modeling. The processing of DFD information will help you better understand the inputs, the outputs, and the many actions in between. We also have a blog on our website that does a deeper dive into PASTA. Feel free to skip to stage 3 for more info on DFD: versprite.com/blog/what-is-pasta-threat-modeling/
You can use PASTA to do an org threat model vs. an app threat model and process decomposition is stage 3 of org threat modeling. You can determine if the workflow around software development bears any weaknesses that could be altered by a threat actor to any entity executing on those workflows. Helpful when trying to take that PFD (Process Flow Diagram) to see where abuse cases could be unleashed to affect code quality, code integrity, affect downstream build processes and more.
ቅያ_Tube, thank you for watching. Here is a link to the PASTA ebook for reference. versprite.com/ebooks/leveraging-risk-centric-threat-models-for-integrated-risk-management/ Please feel free to use PASTA in your organizational threat modeling. If you need further assistance or just want to chat please feel free to contact us anytime. versprite.com/contact/
Hello Sunday, thank you for reaching out. We have a lot of helpful threat modeling resources on our website. For example here is a RACI Diagram that shows the roll distrubition during each step of the threat model. versprite.com/blog/application-security/threat-modeling/versprite-pasta-threat-modeling-raci-diagram/
Here is a link to the PASTA threat modeling ebook for reference. versprite.com/ebooks/leveraging-risk-centric-threat-models-for-integrated-risk-management/
I guess I like to be wrong. It's 2023 and using an immutable threat categorization from over 20 years ago is still useful in a world of extortion, persistence, cryptojacking that doesn't align to any of those 6 buckets. 🤡
Hi S Naz, would love to discuss this in further detail. Please provide me with your email address, or simply go to our contact page and fill out the form (versprite.com/contact/). Looking forward to connecting with you.
Hi@@afrahfathima8866would love to connect and help you with your Threat Model. Please provide your email address, or simply go to our contact page and fill out the form (versprite.com/contact/). Looking forward to helping you.
Clear and comprehensive insight into PASTA. Greatly appreciated! Ty 👍
Thanks! very good ideas!
Hi,VerSprite.I have whatched you full video,and thank you so much for sharing this video! I wanna know if I could make a DFD diagram for a workflow which involves kinds of solftware,and then creating a Threat Model? I am looking foward to your answer~Thanks so much!
Yes, DFD is one of the most important steps in Stage 3 PASTA threat modeling. The processing of DFD information will help you better understand the inputs, the outputs, and the many actions in between. We also have a blog on our website that does a deeper dive into PASTA. Feel free to skip to stage 3 for more info on DFD: versprite.com/blog/what-is-pasta-threat-modeling/
You can use PASTA to do an org threat model vs. an app threat model and process decomposition is stage 3 of org threat modeling. You can determine if the workflow around software development bears any weaknesses that could be altered by a threat actor to any entity executing on those workflows. Helpful when trying to take that PFD (Process Flow Diagram) to see where abuse cases could be unleashed to affect code quality, code integrity, affect downstream build processes and more.
very good presentation, can we do a single experiment or is it a free source to use it.
ቅያ_Tube, thank you for watching.
Here is a link to the PASTA ebook for reference. versprite.com/ebooks/leveraging-risk-centric-threat-models-for-integrated-risk-management/
Please feel free to use PASTA in your organizational threat modeling.
If you need further assistance or just want to chat please feel free to contact us anytime.
versprite.com/contact/
very iinformative video
Informative !!
Hey brother can you build threat model for an erp app
hey i have a class assignment on threat modelling,can you help me out?pls lets talk about it
Hello Sunday, thank you for reaching out. We have a lot of helpful threat modeling resources on our website.
For example here is a RACI Diagram that shows the roll distrubition during each step of the threat model.
versprite.com/blog/application-security/threat-modeling/versprite-pasta-threat-modeling-raci-diagram/
Here is a link to the PASTA threat modeling ebook for reference.
versprite.com/ebooks/leveraging-risk-centric-threat-models-for-integrated-risk-management/
You just blew your credibility by saying that STRIDE is useless. Clearly you're way too biased and can't play nice with the other kids. Bye
Dont let the door hit you on the way out! ;-)
I guess I like to be wrong. It's 2023 and using an immutable threat categorization from over 20 years ago is still useful in a world of extortion, persistence, cryptojacking that doesn't align to any of those 6 buckets. 🤡
please contact me for the assistance of threat modeling using mitre model
Hi S Naz, would love to discuss this in further detail. Please provide me with your email address, or simply go to our contact page and fill out the form (versprite.com/contact/). Looking forward to connecting with you.
need some help regarding Threat modeling
Hi@@afrahfathima8866would love to connect and help you with your Threat Model.
Please provide your email address, or simply go to our contact page and fill out the form (versprite.com/contact/).
Looking forward to helping you.