From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock this course with a free trial

Join today to access over 25,500 courses taught by industry experts.

Security enhancing tools

Security enhancing tools

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

Security enhancing tools

- [Instructor] Determining how to incorporate security into your application in the early design phases can be a challenging task. Fortunately, you can take advantage of security-enhancing tools to help you address inherent architectural risks. When selecting tools for this task, you'll find that many of them reinforce security best practices design principles, including things like the principle of least privilege, defense in depth, don't assume trust, simplicity over complexity, and plan to fail securely. As you select tools to help augment your security efforts, keep an eye out for opportunities to put these principles into practice. There are a pair of threat modeling tools that I recommend you check out. Understanding how these tools function firsthand will make it clear whether or not it makes sense to build them into your own processes. The first is the Microsoft Threat Modeling Tool. Although Microsoft flagged this tool as end-of-life in 2019, you can improve your…

Contents