1      0

(ISC)² Security Congress 2021 - Career Center & Recordings

1778580 - Evolving Threat Modeling for Agility and Business Value


Oct 20, 2021 11:45am ‐ Oct 20, 2021 1:00pm



Credits: None available.

Description

Many threat modeling approaches exist with new techniques and tools to perform the same activity for different scenarios. However, methodologies like DevSecOps pose a huge challenge for threat modelers in incorporating the demands of different teams including scaling and quality issues and in successfully demonstrating business value. This requires moving away from traditional practices to fit DevSecOps needs. After an elaborative study, we introduce a Maturity Model for Threat Modeling, focused on how it can be integrated with the enterprise. You will witness threat modeling as a central tool for security risk management, how various functions in the enterprise can be involved to address risk and finally preparing organizations to experience the right outcome for recommended tool categories at every maturity level.

Learning Objectives:
  • Address the challenges in traditional threat models to suit DevSecOps methodology.
  • Describe a maturity model to prepare organizations for the right levels of threats.
  • Recommend the right tool categories for every maturity level.

Speaker(s):

Tags: Intermediate

Credits

  • 1.25 - CPE

You must be logged in and own this session in order to post comments.