Attending this event?
Wednesday, October 23 • 9:00am - 12:30pm
Training: Threat Modeling Workshop (1/2 Day, morning) LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity seats available

(Free Course)  - Ticket must be reserved at https://lascon-x-training.eventbrite.com

Threat Modeling is a great way to identify security risk by structuring possible attacks, bad actors and countermeasures over a broad view of the targeted system. Attendees will learn hands on examples of basic threat modeling concepts and how to use them effectively.

This workshop will be a collaborative experience with threat model content created with the audience. We will open the session with a quick introduction and round up of the tools that will be used: attack trees, flow diagrams and related open source software.

Attendees will be able to choose between three ways of getting involved:
- Brainstorming; give your ideas to the whole group to model on a whiteboard.
- Pen and papers; model the group brainstorm ideas and add your own.
- Computer modeling; generate resulting models using code.

We will look at examples from the OWASP Threat Model Cookbook Project and invite attendees to contribute with their creations.

Course OutlineSession outline:
- Flash introduction on threat modeling
- Selection of participant roles and the target system
- Flow Diagram explanation and collaborative creation
- Attack tree explanation and collaborative creation
- View of code and computer generated diagrams

Required MaterialsPens and paper. Laptop required only if you want to model as code.

avatar for Jonathan Marcil

Jonathan Marcil

Jonathan has created over a hundred threat models during his career and enjoys sharing his experience. He currently leads the OWASP Media Project and is a board member of the OWASP Orange County chapter located in beautiful Irvine, California. Originally from Canada, he was the Montreal... Read More →

Wednesday October 23, 2019 9:00am - 12:30pm