The Cloud Threat Modeling document is attached for early release. This is the latest release from the Top Threats working group.
Here is a brief description of the document -
The purpose of this document is to enable, encourage cloud, and security practitioners to apply threat modeling for cloud applications, services, and security decisions. To that end, this resource provides crucial guidance to help identify threat modeling security objectives, set the scope of assessments, decompose systems/applications, identify & rate threats, identify vulnerabilities in the system design, design and prioritize mitigations & controls, communicate/report, and call-to-action.
- Upcoming Cloudbytes
- Recent Releases
- Open Peer Reviews
------------------------------
Todd Edison
Chapter Relations Manager
Cloud Security Alliance
Bellingham WA
------------------------------