Watch more sessions
- Trailblazers: exploration, discovery, & navigating failure
- DevSecOps and Secure Incident Response
- Toxic Velocity: Speed Kills
- Day-two Operation of Multi-cloud Kubernetes and Vault
- Manage Panel Discussion
- Authorization: Ensuring Only Ada Can Access Her Files
- Lifecycle of a Pulumi Program
- Forecasting the Future: Creating a Radar for Risk
Threat modeling is an extremely valuable tool in the security software development pipeline. Some studies suggest it has greater impact on security posture than other more widely practiced security activities. There are many different frameworks, models, and methodologies that have been developed in an attempt to make threat modeling easier. However, these popular approaches to threat modeling are still too cumbersome, structured, or time consuming to fit into modern DevSecOps
In 2020, a group of 15 security professional released the Threat Modeling Manifesto to formalize decades of combined experience into a declared vision of what threat modeling truly is and what makes it important. Learn from one of these authors about the values and principles of what threat modeling should be. Discover how this often-over-looked activity can actually make our CI/CD pipelines more efficient while improving overall security of software. Get practical examples of how the manifesto serves as a guide to define or tailor a methodology that fits enhances software development rather than holding it up.
- Alyssa MillerHacker, Security Advocate, and Cyber Security Executive
Transcript coming soon.
Get started today
Pulumi is open source and free to get started. Deploy your first stack today.