The One Where We Threat Model During Development

Threat Modeling has been growing as a discipline for the last few years, and much has been said about methodologies, how-to's, what to expect, what value to extract from it, and how to get it into the organization, but mostly from the side of the security practitioner. In this talk, aimed at developers, managers and testers, we will explore the value of threat modeling as a development tool. Attendees should leave this talk with a number of tested suggestions on how to make the principles and techniques of Threat Modeling work at tactical and strategic levels.