Back To Schedule
Tuesday, February 7 • 4:00pm - 4:30pm
Modelling Threats Out In The Open (Source) - Dan Conn, Developer Advocate, Sonatype

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Secure development is hard. Throughout the entire development of an open source project, security needs to be top of mind due to a potential myriad threats. Security matrices backed by a comprehensive threat model may be required, so that the threats of a system can be evaluated. Card games using STRIDE are great when your project has a large core team, but what if you only have a couple of people? What if your threats are better served by DREAD, PASTA or LINDDUN? What even are these acronyms?! Arrgggh! This talk will explore how to make threat modelling easier for developers through an open source tool, Threagile. Equipping yourself with a better understanding of these models will enable you to pinpoint threats before review.

avatar for Dan Conn

Dan Conn

Developer Advocate, Sonatype
Dan Conn likes to sit in the point between cyber security and development and over the past 10 years has worked as a developer in small startups, large corporates and many in between, catering for clients both public and private sector from SME size to enterprise. He has also had... Read More →

Tuesday February 7, 2023 4:00pm - 4:30pm GMT
Churchill, Ground Floor