LinkedIn respects your privacy

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Join now Sign in

From the course: Practical Secure by Design: Threat Modeling to Build Resilient Products

Understanding common threats

From the course: Practical Secure by Design: Threat Modeling to Build Resilient Products

Start my 1-month free trial Buy for my team

Understanding common threats

“

- [Instructor] Let's go through some fundamentals of threats. If I asked you, what do you think is the world's deadliest creature? You might be thinking about a shark or a snake. However, a mosquito is the world's most deadliest creature. There are more human beings who are impacted because of a mosquito bite than any other animal. When we think about the world's deadliest creature, we often think about something that looks scary or big. However, we need to think about data and statistics. Human beings, by default, are not so great at identifying threats, and often, real world examples of threats can be used in understanding threats in the context of cybersecurity. If you want to understand the fundamentals of threats, you want to keep in mind, what are we protecting? Who are we protecting from? And how are we protecting? If you keep these three fundamentals in your mind, you will then be able to think about secure by design principles and build secure applications. You also want to understand the attacker mindset. The attacker mindset talks about what is the attacker wanting to do. The attacker mindset will help you to think like a bad actor, to identify weaknesses, anticipate what the attacker might be doing, and have a proactive approach instead of a reactive approach. Why do you need to have an attacker mindset? It's to identify blind spots, to prioritize defenses, and to be able to build stronger systems. If you understand the why and the what, you'll actually understand the motivation behind the attacker or the attacker mindset. And often, the motivation could be a financial gain, fame, malicious intent, or sometimes it could be just fun. These are some fundamentals of threats that you want to keep in mind throughout the entire course.

Contents