Various Security Technical Implementation Guides

This website is dedicated to internetworking documentation with FOSS.

It contains articles, guides, labs and presentations which can be used as
teaching or self learning material

As the documents have to be maintained over years, static web pages are the
most suitable way to publish them

In this chapter, you learn about the following topics:

Fundamental concepts in network security, including identification of common vulnerabilities and threats, and mitigation strategies
Implementation of a security architecture using a lifecycle approach, including the phases of the process, their dependencies, and the importance of a sound security policy

Threat modeling is an approach for analyzing the security of an application. It is a structured approach that enables you to identify, quantify, and address the security risks associated with an application. Threat modeling is not an approach to reviewing code, but it does complement the security code review process. The inclusion of threat modeling in the SDLC can help to ensure that applications are being developed with security built-in from the very beginning.