STRIDE


Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
>> One of the main ways of doing effective security design and testing for applications is threat modeling. STRIDE is one of those threat models. In this lesson, we're going to talk about the origins of the STRIDE threat model, talk about each of the individual elements of the STRIDE threat model, and talk about the application of STRIDE in security testing.

STRIDE was created by Microsoft. As a threat model, it helps developers and testers think about the main high-level exploits that any threat actor might attempt on an application.

There are six aspects or elements of the STRIDE threat model.

First is spoofing. Spoofing really refers to: can a user interact with the program or application in any way such that it appears that another user is doing it?

Second is tampering. Can the user make any unauthorized modifications to the application?

Third is repudiation. This is related to spoofing, but has a unique caveat. Repudiation is really: is the user able to deny that they were the one who took a particular action? Repudiation is important when it comes to logging and monitoring. Are there appropriate logs to demonstrate what activities were taken by which users? In the event that malicious activity takes place, it can be attributed to a particular user.

Then there's information disclosure. Can the user either infer or discover any sensitive information about the system that is not intended?

Then there's denial of service. Can the user take some action which can actually render the application unavailable?

Lastly, there's escalation of privilege. Are there actions that the user can take to change their own permissions and enable them to take actions that are not initially authorized by their access level?

Quiz question. A user appearing to take actions as another user is not an example of this STRIDE concept: tampering, spoofing, repudiation. As we've described, spoofing and repudiation are interrelated aspects of the STRIDE model. Spoofing is really where a user appears to interact with the application, appearing as though they are someone other than that individual. Repudiation is really the ability to use logging and monitoring that tie individual actions to the identities that took that action. Tampering, on the other hand, is the ability of a user to make unauthorized changes in behavior or functionality within the application. It is not related to spoofing and repudiation.

In summary, we talked about the origins of the STRIDE threat model. It was a threat model developed by Microsoft. We talked about all of the elements of the STRIDE model: spoofing, tampering, repudiation, information disclosure, denial of service, and escalation of privilege. Then we talked about the application of the STRIDE threat model in application design and testing. This model really provides a good basis for thinking about all the different permutations that you want to test for when evaluating the security of an application. Then, even before that, how you might want to design your application to prevent malicious actors from exploiting it or abusing it in any way.

I'll see you in the next lesson.