Wednesday, March 25, 2015

Threat Modeling a SharePoint Application

Threat Modeling a SharePoint Application: An exploratory exercise in preventing data breaches and theft

By Tony Graves SharePoint Developer and Consultant​


Threat Modeling Book Cover.jpg 

Threat modeling is about using models to find security problems. Using a model means abstracting away a lot of details to provide a look at a bigger picture, rather than the code itself. You model because it enables you to find issues in things you haven’t built yet, and because it enables you to catch a problem before it starts.

Threat Modeling can be applied to software you’re building or deploying, or software you’re considering acquiring. Building a SharePoint Solution or website is no different. Here is a brief guide on how to build a minimum threshold for your organization in a SharePoint environment.

Not all content holds the same value for an organization. Some content is transitory and will only provide value for a short time, while other content serves as official records, preserving evidence for a transaction or decision making tool such as eDiscovery.

Based on the book, "Threat Modeling: Designing for Security" the only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!

Read more...
http://www.blacksgonegeek.org/publications


Join The Blacks Gone Geek Community http://www.blacksgonegeek.org/Pages/JointheBlacksGoneGeekCommunity.aspx

No comments:

Post a Comment