Look! There's a Threat Model in My DevSecOps

Discover a fast-paced, backlog-based approach to threat modeling in DevSecOps environments without the need for additional tools or slowing down development. This 42-minute conference talk from NorthSec 2020 challenges common misconceptions about threat modeling in high-paced development paradigms. Learn how to implement an effective threat modeling process that aligns with DevSecOps principles, fostering a culture of shared responsibility for security. Explore the core purpose of threat modeling, identify crucial components, and understand key questions to ask. Gain insights into leveraging user stories for seamless integration of threat modeling into development timelines. Presented by Alyssa Miller, an experienced hacker, security advocate, and professional, this talk offers valuable strategies for implementing threat modeling in any development paradigm without compromising efficiency.