Threat modeling
Erlend Oftedal
Half-day workshop - in English
Security companies estimate that 50% of security issues are bad system design. Such weaknesses cannot be found by automated tools. Threat modeling is the process of analysing your system and try to identify weaknesses in design and missing security controls.
This workshop will focus on software centric threat modeling. We will start with an introduction to threat modeling, and then put the theory into practice on a system.
The participants will learn how to get started with threat modeling and what the benefits and limitations are.
Primarily for: Developers, Tester/test leads, Project managers, Architects, Security professionals, Scrum masters
Participant requirements: