Loading…
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
Back To Schedule
Thursday, January 24 • 2:00pm - 2:50pm
Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
The good old days of waterfall! You had "The One Design To Bind Them All" and once it got all agreed, the developers would happily implement it "per spec". But alas, we are not there anymore. Agile methodologies basically guarantee that the deployed system will change, and change fast, since inception. Design emerges as it develops. How do we cope with that in Threat Modeling? This talk explores the way Autodesk is moving to a team-based collaborative and continuous Threat Modeling methodology, and how the dialog has moved the dependency away from security SMEs and into the team. PyTM, an Open Source threat-modeling-as-code support system is also presented.
Speakers
avatar for Izar Tarandach

Izar Tarandach

Sr. Staff Engineer
Long-time security practitioner, currently a Sr. Staff Engineer, previously Principal Security Engineer at Squarespace, where he also acted as (Interim) Head Of Security. With experience ranging from Bridgewater Associates to DellEMC via RSA, Autodesk, startup founder, investor and... Read More →

Threat Model Every Story AppSecCali2019 pptx
Thursday January 24, 2019 2:00pm - 2:50pm PST
Garden Terrace Room
  Talk: Build It