Agile Threat Modeling
Approximately 50% of threats in a system are related to architecture and design, so companies should act proactively at this point.
Thread modeling is a methodical approach that uses attack scenarios to identify threats in the system design that lead to real-life consequences for the system or business.
Under the pressure of digital transformation, the temptation for business managers/product owners to continuously deliver technical features is great.
However, security is also a permanently required feature and quality goal that customers expect and deserve.
In the workshop, the participant will be introduced to the approach according to the proven STRIDE method in a clear and comprehensible way with a mix of theory and practical exercises using show cases.
The workshop concludes with the participants learning how to make threat modeling attractive to employees who are not so security-savvy by using playful elements in the form of a card game.
Get to know Secure Design principles
Participants gain basic theoretical knowledge and based on this methodological knowledge in order to carry out a risk assessment of (web) systems
Threat Modeling as a method to discover design vulnerabilities
Create awareness of high cost and effort to fix design vulnerabilities
Getting to know gamification elements
Tips and tricks for applying threat modeling in practice
Developers, architects and DevOps engineers, but also product managers and IT security architects with a basic understanding of IT architectures.
Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.