Threat Modelling: From None to Done

Actions Panel

Threat Modelling: From None to Done

Threat Modelling from Dr John DiLeo of Datacom and OWASP NZ

By CHCon

Date and time

Thu, 24 Nov 2022 12:00 PM - 7:00 PM NZDT

Location

Hanmer Springs Retreat

35 Hanmer Springs Road Hanmer Springs, Canterbury 7334 New Zealand

Refund Policy

Contact the organiser to request a refund.

About this event

This session offers participants an interactive introduction to Threat Modelling, as a process for identifying consequential ("Yes, and...") security requirements in software systems. By introducing threat modelling activities into your organisation's software development processes, you will improve the overall quality and security of the applications you build and maintain.

After addressing key questions around the "Five Ws," the presentation will cover the instructor's "Seven Questions" approach to developing a model (an expansion of Adam Shostack's "Four Questions"), and include several interactive exercises.

We'll present an overview of Incremental Threat Modelling as an approach to building threat models for existing/legacy systems. A brief review of available modelling tools will also be included, along with a discussion of the opportunities and challenges for introducing Threat Modelling into your SDLC.

Sales Ended