[POLL] What topics do you like to see more in 2023?

  • 20 December 2022
  • 8 replies
  • 144 views
Shuning
Rank
Userlevel 6

Hello community!

As we’re planning for the content for Threat Modeling Connect for 2023, we’d like to know what interests you the most and the top challenges where you’d like more resources and support around.

⬇️ Share your input by taking this poll:

(Feel free to add a comment and share more context/details, e.g. peer support groups for XYZ topics , workshops for XYZ topics)

Which topic do you like to learn more from your peers next year?

~Shuning @Threat Modeling Connect~

8 replies

preethisampath
Rank
Userlevel 2

 

Operationalizing a threat modeling program & Getting leadership buy-in are the 2 topics that i would like to know more about 

Shuning
Rank
Userlevel 6

Thank you @preethisampath for the feedback 😊 Are there specific areas within the operations of a TM program you’d like to explore/learn more about?

~Shuning @Threat Modeling Connect~
madchap
Rank

I think it is critical to build a TM program that engages developers to aim for as much self-service threat modeling, and bake it in as a cyclic activity.

Shuning
Rank
Userlevel 6

I think it is critical to build a TM program that engages developers to aim for as much self-service threat modeling, and bake it in as a cyclic activity.

Great feedback @madchap! We’ll definitely be exploring topics around developer engagement. The community meetup next month will be focused on the strategy and tactics for building and nurturing relationships with key stakeholders. I’ll share more info as soon as the event is scheduled!

~Shuning @Threat Modeling Connect~
JamesR
Rank
Userlevel 3
Badge

I would have to toss a vote in for Operationalizing a threat model program which might also include scaling that program. Easy to do a lot of things on a small scale, its adding 10k developers where it really starts to get fun!

James Rabe
Hoss
Rank
Userlevel 3
Badge

I voted for “Getting leadership buy-in” - I’ve found this to be a key topic in the success of those who are in the weeds of creating, operating, and maturing a threat modeling program.

I think the overall best topic, if I had a second vote, is for “Engaging the development teams” because this is the key to actually getting threat modeling done!

Shuning
Rank
Userlevel 6

I would have to toss a vote in for Operationalizing a threat model program which might also include scaling that program. Easy to do a lot of things on a small scale, its adding 10k developers where it really starts to get fun!

I voted for “Getting leadership buy-in” - I’ve found this to be a key topic in the success of those who are in the weeds of creating, operating, and maturing a threat modeling program.

I think the overall best topic, if I had a second vote, is for “Engaging the development teams” because this is the key to actually getting threat modeling done!

Appreciate the input @JamesR @Hoss! You made me think leadership and developer engagement are in fact all key parts of operationalizing a TM program and perhaps should not be looked at separately. Will make sure we address that in our new content.

~Shuning @Threat Modeling Connect~
nznigel
Rank
Userlevel 2
Badge

A session on the patterns and anti-patterns of the Threat Modeling Manifesto (https://www.threatmodelingmanifesto.org/) would be good.

It seems we all struggle at times to get TM working within an org, so by ensuring a plan has a good dose of the patterns - and measures to avoid the anti-patterns - then it’s definitely a good starting point.

Reply


Terms and Conditions, Community Guidelines and Privacy.Cookie settings
V2