Hello and welcome to another penetration testing, execution Standard discussion. Today we're going to go over our threat modeling overview as we get into threat modeling within the pee test standard. So our first section within threat modeling is going to be the modeling process. And this is just going to be a general overview
where we talk about what is threat modeling,
the high level process, some high level examples and high level modeling tools.
Then we're going to get into business asset analysis. So we're gonna talk about what it is. Organizational data, employee data, customer data, human assets in some different type of business assets within this review.
And then we'll talk about business process analysis what that is infrastructure supporting processes, information, assets, supporting processes, human assets and third party integration and or usage of by a process.
And this is essentially going to be all the technical, informational human components that make up critical
processes and procedures within an organization.
We're going to talk about threat agent and community analysis. What that is both internal and external components of that employees management, et cetera, and look at those particular areas within penetration testing.
We're going to do threat capability analysis. So we're gonna look at some analysis of tools and use availability to relevant exploits and payloads. And so what's out there?
Communication mechanisms that could be used an accessibility. Overall, we're going to talk about motivation modeling. So what? That is, And then we're gonna look at some different areas, like for profit hacktivism, direct grudge funding, reputation, further access to partner networks. And so those are just gonna be Cem
reasons that individuals may target an organization or take action against an organization.
And then we're gonna briefly review how we look for relevant news, what it is, why it's important and what to look for overall. So I'm excited to get into the next area of the pee test standard with you. Let's go ahead and jump right in