Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

All the same Lynda.com content you know and love

Plus, personalized course recommendations tailored just for you

All the same access to your Lynda learning history and certifications

Try LinkedIn Learning for free

Questions? Visit our help center.

Lynda.com is now LinkedIn Learning · Same content. Same instructors. New platform.

Start My Free Month

Misuse case testing

Misuse case testing tries to evaluate software from the perspective of an attacker. It is closely related to penetration testing, but should be performed at different stages of the software development process. In this video, learn how developers attempt many of the same software abuses that attackers will try once the software is deployed in production.

- [Instructor] Most software testing…makes a crucial assumption,…that users will behave in expected ways.…This is sometimes a reasonable assumption…when testing software to make sure…that it meets basic business requirements.…However, it's a dangerous assumption to make…when evaluating the security of software.…Attackers will not behave in an expected manner…or follow the rules and conventions…that you set out for your software.…Instead, they will fold, spindle and mutilate…your software, pushing it's boundaries…and trying to force it to fail.…

In those failures, hackers find critical security flaws…that allow them to gain privileged access…to a system, disrupt authorized user activity…or perform other malicious actions.…Misuse case testing tries to evaluate software…from the perspective of the attacker.…Misuse case testing is closely related…to penetration testing…and should be performed at different stages…of the software development process.…In misuse case testing,…developers attempt many of the same software abuses…

Resume Transcript Auto-Scroll

Author

Mike Chapple

Skill Level Intermediate

2h 10m

Duration

37,037

Views

Show More Show Less

Q: This course was updated on 05/18/2018. What changed?

A: New videos were added that cover identifying threats, understanding attacks, technology and process remediation, remediating vulnerabilities, and security monitoring. In addition, the following topics were updated: risk management and monitoring log files.

Related Courses

Introduction
- Welcome
  1m 26s
1. Risk Management
- Risk management
  4m 52s
- Quantitative risk assessment
  6m 41s
- Risk management actions
  4m 3s
- Ongoing risk management
  2m 26s
- Risk management frameworks
  3m 47s
- Risk visibility and reporting
  4m 22s
2. Threat Modeling
- Identifying threats
  2m 21s
- Understanding attacks
  4m 11s
- Technology and process remediation
  2m 42s
3. Threat Assessment
- Security assessment tools
  5m 21s
- Scan for threats and vulnerabilities
  5m 25s
- Assess threats
  3m 14s
- Threat assessment techniques
  2m 41s
- Penetration testing
  2m 36s
- Advanced vulnerability scanning
  2m 54s
- Common Vulnerability Scoring System (CVSS)
  2m 48s
- Interpreting CVSS scores
  3m 22s
- Analyzing scan reports
  3m 59s
4. Remediating Vulnerabilites
- Report scan results
  4m 43s
- Prioritize remediation
  3m 46s
- Create a remediation workflow
  3m 47s
- Barriers to vulnerability remediation
  4m 51s
5. Security Monitoring
- Monitor log files
  6m 20s
- Security information and event management
  2m 56s
- Continuous security monitoring
  4m 41s
- Visualization and reporting
  3m 22s
- Compliance monitoring
  2m 45s
- Legal and ethical issues in monitoring
  2m 40s
6. Software Testing
- Code review
  2m 50s
- Code tests
  2m 41s
- Fuzz testing
  6m 44s
- Interface testing
  3m 29s
- Misuse case testing
  2m 37s
- Test coverage analysis
  2m 44s
Conclusion
- What's next?
  43s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Security IT

Start My Free Month

Start your free month on LinkedIn Learning, which now features 100% of Lynda.com courses. Develop in-demand skills with access to thousands of expert-led courses on business, tech and creative topics.

Start My Free Month

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Misuse case testing

Author

Skill Level Intermediate

Duration

Views

Q: This course was updated on 05/18/2018. What changed?

Related Courses

IT Security Careers and Certifications: First Steps

Insights from a Cybersecurity Professional

Introduction

1. Risk Management

2. Threat Modeling

3. Threat Assessment

4. Remediating Vulnerabilites

5. Security Monitoring

6. Software Testing

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month