Threat Modeling Wins for Agile AppSec
“There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.” – C.A.R. Hoare
Threat modeling has long been a “design level” activity that fits in right at the beginning of a well-defined application security strategy, and rightfully so. However, the current speed and scale of product and security engineering has forced software teams to overlook this very critical element of software security… and rightfully so!
In this talk, I delve into the world of application threat modeling, expanding on and demystifying the chatter that product teams have been exposed to, and examining some of the causes and effects of threat modeling not finding its rightful place in agile product engineering. The presentation will also introduce the audience to two schools of thought – Component Driven Threat Modeling and Offense (Abuser Case) Driven Threat Modeling – each with its own set of use cases and applicability. The talk will culminate in introducing the audience to Threat PlayBook, the open source, community-driven threat-modeling-as-code fabric.
What the audience will take away from the talk:
• The context of Threat Modeling in the current state of Product Engineering
• The problem with Threat Modeling today
• A comparison and contrast of Component Driven and Offense Driven Threat Modeling
• Threat Modeling as a route to better test case design and automation
• Threat Modeling as Code using Threat PlayBook