HF 2021 - Call for Papers

Threat modeling: Field guide to staying ahead of the bad guys
2021-11-20, 16:00–16:50, Hackfest - Track 1

Whether you are a builder or a defender, keeping your applications secure grows increasingly hard as they increase in number and complexity, especially without a proper game plan. This talk aims to explore a solution in Threat Modeling, a process that enables developers and security professionals alike to pinpoint security requirements and identify weaknesses and vulnerabilities before they make it into a product as well as quantify threat and prioritize remediation efforts for existing vulnerabilities.

This talk is addressed to current and future software professionals (developers, testers and security specialists) and aims to present the concept of Threat Modeling as well as some of the industry-standard tools and methodologies. After this talk, attendees should feel ready to apply the STRIDE methodology to perform basic threat modeling on their own systems as well as understand the value that it brings to an organization and, more precisely, a software development team. It is recommended to have a basic understanding of common threats and threat sources before attending this session.

Are you releasing a tool? – no Have this talk already be given? – no
See also: Slides