Recording

Developing a Threat Modeling Mindset

  • 29 January 2024
  • 0 replies
  • 88 views
Developing a Threat Modeling Mindset
Userlevel 5

Overview

Threat modeling is a way of thinking about what can go wrong and how to prevent it. Instinctively, we all think this way in regard to our own personal security and safety. When it comes to building or evaluating information systems, we need to develop a similar mindset - a Threat Modeling Mindset.

Outline

  • Understanding a system
  • Identifying threats and vulnerabilities 
  • Determining mitigations 
  • Applying the mitigations through risk management
     

 

Slides

https://4550632.fs1.hubspotusercontent-na1.net/hubfs/4550632/Threat%20Modeling%20Connect/ThreatModCon/ThreatModCon2023%20Slides/ThreatModCon2023-Developing_Threat_Modeling_Mindset_Workshop_RobertHurlbut.pdf

Handout

https://4550632.fs1.hubspotusercontent-na1.net/hubfs/4550632/Threat%20Modeling%20Connect/ThreatModCon/ThreatModCon2023%20Slides/ThreatModCon2023-Developing_Threat_Modeling_Mindset_Handout_RobertHurlbut.pd

 

About the speaker

Robert Hurlbut is a Principal Application Security Architect / Threat Modeling Lead at Aquia, Inc. Robert has 30 years of industry experience in secure coding, software architecture, and software security. He speaks at user groups, national and international conferences, and provides training for many clients. Robert is a co-author of the Threat Modeling Manifesto (https://threatmodelingmanifesto.org). You can find Robert on Twitter at https://twitter.com/roberthurlbut and as a co-host for the Application Security Podcast at https://podcasts.apple.com/us/podcast/the-application-security-podcast/id1154351685.


0 replies

Be the first to reply!

Reply


V2