The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Back To Schedule
Wednesday, May 29 • 11:20am - 11:50am
Bringing Rapid Prototyping To The Threat Model Process

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Threat Modelling is a powerful way of discovering security risks during software architecture and design. It can be used to build security into software and remove design flaws before actual code development starts. However, it can be a laborious and time-consuming exercise, which is not a happy marriage with Continuous Integration and DevOps methodologies. As a result, there is very poor adoption of threat modelling industry-wide. This talk will introduce the open-source Rapid Threat Model Prototyping (RTMP) process, which addresses these complications. It uses a just-in-time design process to quickly build a model and identify high-threat areas. The RTMP methodology is proven to speed up software threat analysis in fast-moving Agile/DevOps environments tenfold. It is perfect for creating more automated analysis workflows.

avatar for Geoffrey Hill

Geoffrey Hill

Founder and CEO, Tutamantic Sec
I have directly involved in application security since 2003 when I enhanced the Microsoft SDL to use with my customers' growing Agile projects. I also started using the Microsoft Threat Modeling process actively at this point and have been building my process over many years to adapt... Read More →

Wednesday May 29, 2019 11:20am - 11:50am IDT
Hall C