Thu, 22 Jun, 15:00 - 16:00

Developer engagement for threat modeling

About this event

If developers must threat model, if they are to integrate threat modelling into their development process, how do we go about that? Based on broad experience, demanding that “every change must be threat modelled” will generate significant distrust and inter-organization friction. Mandates rarely work by themselves. Effective developer-centric security, developer empowered threat modelling, typically needs significant help and ongoing support. Brook S.E. Schoenfield explains how his approaches have gotten threat modelling universally adopted by populations of thousands of eager developers.

Event details
Date and time
Thu, 22 Jun, 15:00 - 16:00 (UTC)