Threat modeling seek to identify, communicate, document, and understand threats and mitigations within the context of protecting the business assets. Part of threat modeling therefore would involve discovering potential security vulnerabilities. Security vulnerabilities are normally identified by performing security vulnerability scans in the target environment (s).
Compare and contrast the process/steps of threat modeling/vulnerability scanning in the following cloud service providers’ environments:
- Microsoft Azure
- Amazon Web Services (AWS)
- Discuss and compared four (4) requirements necessary to be performed threat modeling in Azure and AWS platforms?
- Discuss two common tools use to perform threat modeling in both AWS and Azure cloud platforms
- Would you need permission to perform threat modeling with your PaaS service provider? If yes, why?
DQ requirement:
Outline your discussion under relevant headings, matching the question asked. Also note that the requirement is to post your initial response no later than Thursday and you must post atleast one additional post during the week (Sunday). I recommend your initial posting to be between 200-to-300 words. The replies to fellow students and the professor should range between 100-to-150 words. All initial posts must contain a properly formatted APA in-text citation and scholarly reference.