Value driven threat modeling
Threat Modeling is a great method to identify potential security weaknesses, and is an important part of any secure design. A threat model can help analyze how to best protect your assets, prevent attacks, harden your systems, and efficiently prioritize security investment. Regardless of programming language, threat modeling provides a far greater return than most any other security technique in the development process. Therefore, threat modeling should be an early priority in application design process. Unfortunately, it is common knowledge that building a full threat model is always heavily resource intensive, requires a full team of expensive security professionals, takes up far too much developer time, and does not scale at all.
But the common knowledge is wrong! In fact, this is not at all necessary, and should not be an excuse to avoid building a robust system. Using a value-driven approach, skilled development teams can very efficiently ensure that the features they build can protect themselves, the application, and the business value that the features were created for. Value Driven Threat Modeling offers an alternative to top-heavy, big-model-up-front threat modeling, in favor of agility, speed, and developer independence.
This talk will describe Value Driven Threat Modeling, and show how to incorporate it into your existing agile methodologies. We will discuss how developers can efficiently produce and leverage a threat model to improve application development, and walkthrough some example scenarios.