Threat modelling aims at designing secure systems by identifying security threats and evaluating mitigations on a risk-based approach . Traditionally, threat modelling was conducted as part of a complex upfront analysis of the software architecture. With software engineering teams moving to a more agile way of working, the need to integrate security best practices into agile development is increasing.
Agile Threat Modelling offers a way for agile Software Engineering teams to mitigate security risks based on real threats in their system at the time of development.
This talk will walk you through an Agile Threat Modelling Workshop by using a hands-on example. You will learn how to conduct an Agile Threat Modelling Workshop and how to implement security best practises into your agile way of working. Outcome for the participants will be a set of methods to start running their own Agile Threat Modelling sessions in their teams.
We believe that Security is the responsibility of every member in the team ranging from Business Analysts to Experience Designer to Developers and Leads, we therefore also encourage people from non-technical roles to attend.