Loading…
Attending this event?
View analytic
Monday, February 18 • 16:00 - 17:30
Whiteboard hacking – aka hands-on Threat Modeling

Sign up or log in to save this to your schedule and see who's attending!

Threat modeling is a structured activity for identifying and evaluating application threats and vulnerabilities. The talk will cover real use cases covering the different stages of threat modeling.


Abstract
Threat modeling is the primary security analysis performed during the software design stage. It is a structured activity for identifying and evaluating application threats and vulnerabilities. The activities in the threat modeling stage help you find design flaws in your application and its supporting architecture. You can use these identified vulnerabilities to help shape your design and direct and scope your security testing.

Unfortunately, there is a gap between academic knowledge of threat modeling and the real world. In this session, we aim to minimize this gap through a set of practical use cases. These use cases are derived from real-world projects. This session explains a 4 step threat modeling approach covering four main questions:

(1) What are we building?
(2) What can go wrong?
(3) What are we doing to mitigate this?
(4) How do we follow-up on our threat model?

Additionally, we cover the integration of threat modeling in traditional, agile and DevOps activities.


This session is intended for Software developers, architects, system managers and security professionals.

Speakers
SD

Sebastien Deleersnyder

Application Security Lead, Toreon


Monday February 18, 2019 16:00 - 17:30