Why Threat Modelling Birds Of a Feather?

  • 9 August 2023
  • 2 replies

ThreatModCon 2023 has chosen to foster greater threat modelling practitioner dialogue through a birds of a feather lunch at the conference.

In 2011, at SANS What Works In Security Architecture Summit, it struck me that practitioners rarely get an opportunity to discuss recurring issues, to discuss the practice. We do an awful lot of “knowledgeable presenter” dispensing learnings. But we don’t make space for people who practice every day to discuss how they do things, to refine our discipline through unstructured interchange. 

As practitioners of an engineering discipline, what we do, I believe, will most certainly benefit from lively discussion, from strongly held opinions, hopefully held loosely enough that we listen to each other, searching for commonality and improvement.

Networking events don’t lend themselves to focused discussion. These are more “meet and greet”, which is fine so far as it goes, but does not advance the practice.

After much reflection by ThreatModCon’s organizing committee, we’ve decided to include, over lunch, a series of open discussion tables, each based upon a major threat modelling discipline theme. Each table will be facilitated to ensure that discussion remains focused and civil. But these will not be “led” discussions. Participants bring themselves and their ideas to the common “pot” that makes up a collective understanding.

Participants are free to move from table to table as interest dictates. Of course, there will be alternate lunch spaces for those who don’t care to participate at all: participation in the birds of a feather discussions is not mandatory, though highly encouraged.

Please feel free to let the organizing committee know your topic needs before the conference. Comments to this post will be monitored.

Thank you

See you at ThreatModCon. I’m greatly looking forward to talking with any and all participants.




/Brook S.E. Schoenfield


2 replies

Userlevel 1

That's a great idea. Thanks for informing us. Depending on how many tables there are, I may want to be in different places at the same time. Hopefully next year, this approach can be properly included in the schedule to give attendees an opportunity to attend multiple topics that are relevant to them.

Userlevel 2

4 question framework, 1 table for each question, that would probably work.

Potentially 2 tables per question, one for people/process/program aspects, one for engineering/automation/AI aspects.