Explore the value of threat modeling as a development tool in this comprehensive conference talk from GOTO Amsterdam 2023. Gain insights into security principles, the Threat Modeling Manifesto, and practical techniques for implementing threat modeling at tactical and strategic levels. Learn about Continuous Threat Modeling (CTM) and discover Pytm, a Pythonic approach to threat modeling. Acquire tested suggestions for integrating threat modeling into your development process, benefiting developers, managers, and testers alike. Delve into key concepts such as security primers, values, principles, patterns, and anti-patterns in threat modeling. Access additional resources and recommended books to further enhance your understanding of this critical cybersecurity discipline.
The One Where We Threat Model During Development
Overview
Syllabus
Intro
Agenda
Security & threat model primer
Threat Modeling Manifesto
Values
Principles
Patterns
Anti-patterns
CTM: Continuous threat modeling
Pytm: Pythonic way of threat modeling
Resources
Outro
Taught by
GOTO Conferences
Related Courses
-
Using the Threat Modeling Manifesto to Build an Enterprise Threat Modeling Program
-
Threat Model Every Story - Practical Continuous Threat Modeling Work for Your Team
-
Securing Agile Development
-
Adaptive Threat Modelling
-
Threat Modeling for Secure Software Design
-
Myths of Threat Modeling - AppSec California
