Denim Group‘s very own Cap Diebel will be presenting at OWASP Austin on October 31st. He will be talking about Threat Modeling and the title of the talk is “How to Understand How Attackers Will Attempt to Exploit Your App.” The abstract is:
The term “threat modeling” has become quite popular recently. Microsoft has
published a book about their process and includes threat modeling as a key
activity in their Secure Development Lifecycle (SDL).
A threat model is essentially a structured representation of all the
information that affects the security of an application. In essence, it is
a view of the application and its environment through security glasses.
Threat modeling is a process for capturing, organizing, and analyzing all
of this information. Threat modeling enables informed decision-making about
application security risk. In addition to producing a model, typical threat
modeling efforts also produce a prioritized list of security improvements
to the concept, requirements, design, or implementation.
Denim Group will present an overview on the process of making web
applications more secure by identifying attack vectors and designing to
defeat those attacks. They will provide an overview of threat modeling,
provide examples of how it is relevant to the development process, and will
introduce you to tools and approaches that will enable you to successfully
implement threat modeling techniques within your organizations.
The meeting will be held from noon until 1:00pm at:
Whole Foods Market
550 Bowie Street
Austin, TX 78703-4677
Hope to see folks there. Attendance, as always, is free.
dan _at_ denimgroup.com