Software Threat Modeling presented at Hacktivity 2012

by Shakeel Tufail,

Tags: Security

Summary : There are only a handful of threat modeling approaches in the industry which are difficult to implement due to the subjective guidelines. Our training session will focus on best practices and a hands-on approach that will provide attendees a better understanding of how to conduct threat modeling in their organization. Most threat models focus on attackers, we will look at the threat model using trust zones, identifying assets, indirect threats, and ambiguity analysis. We will also speak about secure design concepts and best practices for securing software architecture.
Learning Objectives:
At the end of this workshop, participants will be able to:
Understand the basics of threat modeling software applications
Understand the meaning of threats, attack vectors, and trust zones
Learn about ambiguity analysis
Learn about secure design concepts
Learn best practices for securing software architecture