Getting started with Threat Modeling

Key takeaways
  • You will learn how to identify weaknesses in your design
  • You will learn how to model the system in a way that helps identify issues

Security companies estimate that 50% of security issues are the result of problems in the system design. Such weaknesses cannot be found by automated tools. Threat modeling is the process of analysing your system and trying to identify weaknesses in design and missing security controls. This talk will introduce you to threat modeling and explain some of the techniques you can use to identify those threats in your systems. This workshop will help you get started with threat modeling. We will work in groups and create a threat model for a fictitious system. We will create a diagram, find threats, and discuss how to mitigate the threats. No previous threat modeling knowledge is required to participate. Outline: - Introduction to threat modeling - Practical modeling exercise - Review and discussion - Threat discovery theory - Threat discovery exercise - Review and discussion - Threat mitigation exercise - Review and discussion - Good practices and wrap up

Erlend Oftedal

Sharpen your skills. Explore

Pick your topics of interest below
Large Spinner


Partners, Sticker Mule

Best companies

Best companies, Qlik
Best companies, VP Securities
Best companies, Telavox
Best companies, EDP
Best companies, Avensia
Best companies, Citerus
Best companies, Avega Group
Best companies, Handelsebanken
Best companies, Play'n'GO
Best companies, Capgemini
Best companies, Trustly
Best companies, Danskebank
Best companies, Lantmäteriet
Best companies, ÅF