Threat Modeling is considered an essential activity in the modern Software Development Life Cycle. It helps in identifying threats and possible vulnerabilities early, to a point where, if done correctly, the vulnerability never surfaces in a given environment or application. However, most organizations do Threat Modeling ineffectively, and it has been reduced to an infrequent and ineffective process. Most organizations do Threat Modeling for large systems, resulting in a “boil the ocean” effect that leads to ineffective Threat Analysis. Worse, this has no meaning or bearing on the engineering and product teams that actually deliver these applications to customers.
This training focuses on delivering effective Threat Modeling in the Agile SDLC. The training takes battle-tested threat modeling principles and methodologies and trains students on how they can implement an effective, yet efficient Threat Model in a time- and resource-constrained Agile (and DevOps) driven SDLC.
What would I be able to achieve through this training?
This training will help attendees develop a deep understanding of threat modeling practices and concepts. Additionally, the training demonstrates threat modeling per feature, which would help attendees achieve iterative threat modeling in an agile SDLC.
How would this program benefit Security and Product Engineers?
Threat modeling brings development and security teams closer. Security professionals better understand the architecture and workflow of the product while developers learn more about security threats specific to their product. Threat modeling therefore helps these teams to better appreciate what the other does, enabling better acknowledgement of security controls and remediation strategies.
While Sherlock is a fictional character, we can draw certain parallels to application security from his approach to deductive investigation. Sherlock uses something akin to a Threat Modeling approach to account for all factors prior to making deductions.
Usually, no actionable outputs emerge from Threat Modeling, and the activity is thereby relegated to the status of a "Policy/Best Practice Document". We believe that threat models are playbooks of product security engineering, and thus we feel that the best way to conduct threat modeling is by integrating it into the Software Development Lifecycle (SDLC).
It is our belief that Threat Models should produce actionable outputs, which is why we have developed "ThreatPlaybook", an open source "Threat Modeling as Code" framework that allows product teams to capture user stories, abuser stories, threat models and security test cases in YAML files.