The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Back To Schedule
Thursday, May 30 • 11:50am - 12:20pm
Three levels of complexity: Threat Modeling of Containerized Application

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Threat Modeling is a very powerful tool of Application Security; however, many organizations are struggling to use it. There is a common perception that the Threat Modelling is too heavy and should be done only at specific stages of development process. In the session I am going to explain how we can optimize threat modeling and improve the process outcome. As well as how we can handle a new dimension in the model since the containers usage requires attention to additional aspects which can be easily overlooked. The session will also touch aspects of success measurement and incremental improvements.  In addition I will provide examples of real cases when properly identified risks during thread modeling for containerized applications reduce the recently reported Docker and Kubernetes vulnerabilities impact.

avatar for Elena Kravchenko

Elena Kravchenko

Application Security Expert, CISSP, Micro Focus
Application Security Expert, CISSP• 6+ years as Security Lead for Business Unit ( global, multidisciplinary, 400+ developers)• 25+ years of software engineering, in different positions : software engineer, technical lead, system architect, application security lead• MS in Applied... Read More →

Thursday May 30, 2019 11:50am - 12:20pm IDT
Hall A