Using adversarial modelling in driving secure application development
Use cases are helpful for eliciting, communicating and documenting requirements. Additionally, use cases are also useful in gaining an understanding of the features of the application. Similarly, to identify threats that can materialize within an application, the concept of misuse cases was introduced as a means of conceptualizing the different possibilities of attacks against an application. Thus, in the context of secure application development, this provides product development teams actionable insights during the development process to combat techniques that are adopted by an adversary.
The speaker will share his thoughts and strategies around conducting modelling and simulation from an adversarial perspective. Attendees will be introduced to an intentionally flawed application and will be exposed to tools/techniques in determining the various attack scenarios that may be subjected upon it.