DES 212 - Architecture Risk Analysis & Remediation
This course defines concepts, methods, and techniques for analyzing the architecture and design of a software system for security flaws. Special attention is given to analysis of security issues in existing applications; however, the principles and techniques are applicable to systems under development. Techniques include accurately capturing application architecture, threat modeling with attack trees, attack pattern analysis, and enumeration of trust boundaries.
- How to assess design components for security flaws
- The use and value of threat modeling and attack surface analysis
- Techniques to remove architecture weak spots and avoid vulnerability propagation