30-Minute Threat Model

Presented by

Kevin Poniatowski, Principal Security Instructor, Security Innovation

About this talk

While Threat Modeling is an incredibly useful process in determining the level of risk associated with an application, it can also be an intimidating process. In this webinar, Kevin will be performing a short threat model of a feature in one of our CMD+CTRL applications known as Shadowbank. This demonstration will guide new Threat Modeling practitioners into bypassing some of the difficulties Kevin experienced when creating threat models years ago. It will also give those new to the process an understanding of how Threat Modeling can be a beneficial addition to their SDLC. We'll cover topics such as: - Enumerating Assets, Roles, and Inputs - Finding the Correct Scope of the Threat Model - Enumerating Threats - Quantifying Risk & Prioritizing Fixes
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (128)
Subscribers (14798)
Security Innovation is an authority on software security and helps organizations build and deploy more secure software. Global technology vendors and enterprise IT organizations such as Microsoft, IBM, FedEx, ING, Symantec, Coca-Cola and GE rely on our expertise to understand the security risks in their software systems and facilitate the software and process change necessary to mitigate them. Security Innovation specializes in software security, an area where traditional “information security” and “business” consultants tend to struggle. We have been analyzing application vulnerabilities and risk for almost a decade and were one of the first providers of software risk solutions to Fortune 500 firms. Our unrivaled proficiency in technical analysis, coupled with sound knowledge of business processes, results in world-class solutions that bridge the gap between application security holes and risk management optimization.