Discover a fast-paced, backlog-based approach to threat modeling in DevSecOps environments without the need for additional tools or slowing down development. This 42-minute conference talk from NorthSec 2020 challenges common misconceptions about threat modeling in high-paced development paradigms. Learn how to implement an effective threat modeling process that aligns with DevSecOps principles, fostering a culture of shared responsibility for security. Explore the core purpose of threat modeling, identify crucial components, and understand key questions to ask. Gain insights into leveraging user stories for seamless integration of threat modeling into development timelines. Presented by Alyssa Miller, an experienced hacker, security advocate, and professional, this talk offers valuable strategies for implementing threat modeling in any development paradigm without compromising efficiency.
Overview
Syllabus
NorthSec 2020 – Alyssa Miller – Look! There's a Threat Model in My DevSecOps
Taught by
NorthSec
Related Courses
-
DevSecOps Fundamentals
-
Inside Out Security - Building Castles not Warehouses
-
From DevOps to DevSecOps
-
Threat Model Every Story - Practical Continuous Threat Modeling Work for Your Team
-
Rapid Threat Model Prototyping - Threat Modeling for Agile & DevOps
-
Threat Model-as-Code: Integrating Security into the Software Development Lifecycle
