Threat Modeling: Start Small, Start Now

Wednesday, June 28, 2017 10:00am to 3:00pm at Convene City View Philadelphia

It’s no secret that far too many systems launch without adequately considering critical design flaws. Even in the information-critical financial services and medical industries, security reviews often get swept aside in the rush of agile development. Threat modeling directly reduces application cost and risk by methodically seeking and weeding out security flaws at the design phase. Yet, many – maybe most – organizations skip this common-sense step, fielding too many systems with design flaws that are costly and perhaps impossible to change.

The first step is to take the first step.

Symposium leader Ken Van Wyk, internationally recognized security expert and author, is passionate about starting small and starting now, looking to evolve a process that consistently delivers meaningful results.

Audience

Designed with the security architect in mind, this symposium will equip any security professional to immediately begin effective threat modeling of business applications and systems.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.



Speaker

Ken Van Wyk

Ken Van Wyk

IANS Faculty

Ken is the President and Principal Consultant of KRvW Associate LLC



Agenda

Wednesday, June 28, 2017

This 5 hour, interactive event is a practical, hands-on exercise designed to equip security pros to effectively threat model their business systems and applications at the design stage. It combines presentation, discussion, peer conversation, and hands-on lab in an environment that is both fast-paced and casual.

Topics Include:

  • Threat modeling purpose and process
  • A conceptual overview of the major tools and methodologies; best use cases for each type
  • Whiteboard as weapon exercise: discuss, detect, dissect – threat modeling of an application