Recording

Incremental Threat Modeling

  • 18 April 2024
  • 0 replies
  • 64 views
Incremental Threat Modeling
Userlevel 6

How do you introduce threat modeling to your existing codebase without slowing everything else down (aka the expensive “security push”)? Incremental threat modeling might be the answer. Incremental threat modeling concentrates on current additions and modifications that can be time-boxed to fit the tightest of agile lifecycles and still deliver security benefits.

In this hands-on workshop, you’ll:

  1. Learn the technique of incremental threat modeling
  2. Practice modeling an addition of a new feature to a realistic architecture
  3. Find threats relevant to the feature while keeping the activity focused (i.e. not trying to boil an ocean)

 

Resources

Slides

https://4550632.fs1.hubspotusercontent-na1.net/hubfs/4550632/Threat%20Modeling%20Connect/Threat%20Modeling%20Lab/Incremental%20Threat%20Modeling_Nov_2023/Threat%20Modeling%20Lab_%20Incremental%20Threat%20Modeling_Irene_Michlin.pdf

Miro board

 

Speaker

Irene Michlin, Application Security Lead, Neo4j


0 replies

Be the first to reply!

Reply


V2