| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Robert Hurlbut Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. Yet, often many software shops either skip the important step of threat modeling in secure software design or, after creating pretty diagrams, forget the models to do the "real work" of writing software without understanding potential problems. Based on last year's excellent book on Threat Modeling: Designing for Security by Adam Shostack, this session introduces threat modeling and creating threat models as a part of secure software design. We will also cover how to track threat models and some strategies for applying risk management in dealing with the threats. Bio: Robert Hurlbut, CSSLP, is an independent software and security consultant, developer, speaker, and trainer. Robert specializes in developing custom software business solutions for many industries, and provides secure code reviews and other software security assistance to companies. He has spoken at national and international conferences on various software security topics.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast