From the course: Learning Threat Modeling for Security Professionals
Join today to access over 24,000 courses taught by industry experts.
What can go wrong?
From the course: Learning Threat Modeling for Security Professionals
What can go wrong?
- The second question in threat modeling is what can go wrong? Oh my, what can go wrong? Yeah, you could build your nuclear power plant next door to a spider farm or on an earthquake fault line. But hang on a minute, I'm not designing a nuclear power plant here. I'm building an ad server. I have a project scope right here. And you know what? No nuclear power plants, no spider farms. But you know what could go wrong? Customer A might be able to upload content to Customer B's campaign. So Customer B is paying for Customer A's ads. That's sort of fun. Uh-oh, the lawyers tell me I can't say fun. How about exciting? That's sort of exciting. Or my servers might get overwhelmed with traffic, which is cha-ching, great, but what if they're so overwhelmed they fail to send packets to the billing server? What can go wrong is the key question in threat modeling, and it can be hard to get it right. If you scope too wide, you worry about radioactive spiders. And hey, I'm not saying don't worry…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.