Loading…
LASCON X has ended
Wednesday, October 23 • 1:30pm - 5:00pm
Training: Threat Modeling Workshop (1/2 Day, afternoon) LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity seats available

(Free Course)  - Ticket must be reserved at https://lascon-x-training.eventbrite.com

Threat Modeling is a great way to identify security risk by structuring possible attacks, bad actors and countermeasures over a broad view of the targeted system. Attendees will learn hands on examples of basic threat modeling concepts and how to use them effectively.

This workshop will be a collaborative experience with threat model content created with the audience. We will open the session with a quick introduction and round up of the tools that will be used: attack trees, flow diagrams and related open source software.

Attendees will be able to choose between three ways of getting involved:
- Brainstorming; give your ideas to the whole group to model on a whiteboard.
- Pen and papers; model the group brainstorm ideas and add your own.
- Computer modeling; generate resulting models using code.

We will look at examples from the OWASP Threat Model Cookbook Project and invite attendees to contribute with their creations.

Session outline:
- Flash introduction on threat modeling
- Selection of participant roles and the target system
- Flow Diagram explanation and collaborative creation
- Attack tree explanation and collaborative creation
- View of code and computer generated diagrams

Required Materials: Pens and paper will be provided. Laptop required only if you want to model as code.


Speakers
avatar for Jonathan Marcil

Jonathan Marcil

Jonathan has created over a hundred threat models during his career and enjoys sharing his experience. He currently leads the OWASP Media Project and is a board member of the OWASP Orange County chapter located in beautiful Irvine, California. Originally from Canada, he was the Montreal... Read More →


Wednesday October 23, 2019 1:30pm - 5:00pm
TBA