Explore the implications of zero trust architecture on application security and threat modeling in this 43-minute conference talk. Learn how zero trust challenges traditional trust boundaries and uncovers new threats in classic threat modeling approaches. Discover the foundations of zero trust in application security, understanding its focus on objects and subjects. Examine how zero trust principles transform threat modeling practices and introduce new design considerations. Gain insights into a mnemonic for applying major zero trust threats to threat modeling and explore a new taxonomy of threats specific to zero trust applications. Presented by Chris Romeo, CEO of Devici and industry expert in application security, this talk offers valuable perspectives on adapting threat modeling techniques for the zero trust era.
Overview
Syllabus
Zero Trust Threat Modeling
Taught by
OWASP Foundation