Masterclass | Threat Modeling for Designing Security

Designing for Security: The Threat Modeling Approach, with Avi Douglen

How secure is secure enough?

We’ve all been there – we’ve spent too much time and resources on security, but 3 months later we still get breached anyway. “But we followed all the ‘Best Practices’!” all the developers cry.

In this crash course on secure software design, AviD will show why every software development process should start with Threat Modeling, how to get security to contribute to the bottom line, and what to do as part of a robust threat modeling process.

And we won’t just scratch the surface and stop there! We will discuss some of the challenges that face an agile development organization trying to implement this effective activity. I will show you an alternative, lightweight approach and several efficient techniques to that will enable you to integrate Threat Modeling into your developer workflow.

Zero Trust Security: a primer, with Luísa Lima, Fyde

Is there still such a thing as a network perimeter? Should we still be basing our security policies on network locality? In this talk, we will provide an introduction to the concept of Zero Trust security, from theory to practice, and show how simple assumptions trump complex configurations.