Threat Modeling: From None to Done
Event description
This session offers participants an interactive introduction to application Threat Modeling and its use as a technique for identifying consequential ("Yes, and...") security requirements. A key focus of this course is applying Threat Modeling as a daily practice within your organization's software development processes, to improve the overall quality and security of the applications you build.
In addition to addressing key questions around the "Five Ws," the presentation will cover the instructor's "Seven Questions" approach (adapted from Adam Shostack's "Four Questions") to developing a model, and include several interactive exercises to provide direct experience. A brief review of available modeling tools will also be included, along with a discussion of the opportunities and challenges for introducing Threat Modeling into your SDLC.
Requirements:
A Laptop, the instructor will get
your email address so they can contact you with other requirements.
Lunch will be catered please be sure to list any requirements when buying your ticket.
We thank you for your interest in this course. All courses are dependent
on having enough attendees to cover the basic costs. If we are not able
to sell enough tickets to cover the cost we will refund your ticket
price. Refunds will be provided in this case by us for any tickets
purchased up to the day we cancel. If the trainers are not able to make
it, if there are natural disasters or situations that prevent the event
from running that are beyond our control we will refund your ticket cost
in that case as well.