»Application Threat Modeling«
2019-02-02, 17:20–18:00, Main
In this talk, I am going to walk the audience through the Threat Modeling introduction. The program will consist of the overview of popular Threat Modeling methodologies and available tools.
Threat Modeling is an essential part of a secure software development process of any maturity. Building up a map of threats that are relevant for an application or system, measuring the impact and probability of these threats, and mapping existing and planned security controls to the related risks – is a crucial exercise that must be performed before the team hits the code and regularly after that.
During the talk, we will design an imaginary piece of software that implements a business idea, and build a Threat Model that maps all planned security activities throughout the software development project that implements it.