Monday Jun 26
09:00 –
16:00
Continuous Threat Modeling: Practical, Agile Threat Modeling for Development Teams
We will examine how to use CTM, Continuous Threat Modeling, to implement threat modeling in an agile-compatible way for development teams. We will also look at OWASP pytm, a threat-modeling-with-code tool that helps automate some of the threat modeling work.
Requirements
- Basic understanding of system development
- Basic knowledge of Object Oriented syntax (objects and their attributes). Python experience not required.
- A laptop
- A Python 3 environment, or the ability to run a virtual machine in VirtualBox format
This course will feature
- An understanding of what Threat Modeling is, why it is beneficial and how it works in big strokes
- A detailed analysis of some publicly available threat models
- An overview of some of the currently in-use threat modeling methodologies, with practical exercises so the attendants can experience their pros and cons
- A discussion on the role of the developer in the threat modeling process
- A review of the Threat Modeling Manifesto and how it applies to bringing threat modeling practices to your organization
- An examination of the Continuous Threat Modeling methodology, followed by practical exercises
- A review of the existing Open Source threat modeling tools and their different usage scenarios
- A deep dive into pytm, the Pythonic library for threat modeling
Who this course is for
Developers, architects, testers and managers interested in Threat Modeling Security practitioners looking to sharpen their threat modeling skills
Continuous Threat Modeling: Practical, Agile Threat Modeling for Development Teams
Izar Tarandach
Monday Jun 26, 09:00
Vanilla JavaScript Web Components
Dylan Beattie
Monday Jun 26, 09:00
Clean Architecture in Practice
Hannes Lowette
Monday Jun 26, 09:00
Cloud Native Development with Quarkus
Holly Cummins
Monday Jun 26, 09:00
Intro to Bug Bounty Hunting and Web Application Hacking
Ben Sadeghipour
Monday Jun 26, 09:00