Overview
This session is taking an ironic look at how to best fail a Threat Modeling workshop. The experience and best-fails of various Threat Modeling experts is incorporated. After the session the listener will have a clear understanding what better not to do when setting up a Threat Modeling workshop.
Slides
About the speaker
Michael Bernhardt started his security career at 2008 where Threat Modeling quickly became a common practice of his work. Since then he has build up various Threat Modeling programs as well as heading 2 DevSecOps program for a development community of up to 33k developers, currently heading the Product Security team at Telefónica. He is a common speaker and blogger on the topic of security culture, security practices and management principles to build up security programs.