Cap Diebel on Threat Modeling at OWASP Austin

Denim Group‘s very own Cap Diebel will be presenting at OWASP Austin on October 31st.  He will be talking about Threat Modeling and the title of the talk is “How to Understand How Attackers Will Attempt to Exploit Your App.”  The abstract is:

The term “threat modeling” has become quite popular recently. Microsoft has
published a book about their process and includes threat modeling as a key
activity in their Secure Development Lifecycle (SDL).

A threat model is essentially a structured representation of all the
information that affects the security of an application. In essence, it is
a view of the application and its environment through security glasses.

Threat modeling is a process for capturing, organizing, and analyzing all
of this information. Threat modeling enables informed decision-making about
application security risk. In addition to producing a model, typical threat
modeling efforts also produce a prioritized list of security improvements
to the concept, requirements, design, or implementation.

Denim Group will present an overview on the process of making web
applications more secure by identifying attack vectors and designing to
defeat those attacks.  They will provide an overview of threat modeling,
provide examples of how it is relevant to the development process, and will
introduce you to tools and approaches that will enable you to successfully
implement threat modeling techniques within your organizations.

The meeting will be held from noon until 1:00pm at:

Whole Foods Market
550 Bowie Street
Austin, TX 78703-4677

Hope to see folks there.  Attendance, as always, is free.

–Dan
dan _at_ denimgroup.com

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *