| Track: | Threat Model |
|---|---|
| When: | Mon Eve-1 |
| Where: | Threat Modeling |
| Organizers | Stephen de Vries Stephen de Vries , Paúl Santapau Paúl Santapau , Jorge Esperón |
| Participants | Toby Shelswell Toby Shelswell , Steven Wierckx Steven Wierckx , Adam Shostack Adam Shostack , Daniel Garcia (cr0hn) Daniel Garcia (cr0hn) , Fabien Thalgott Fabien Thalgott , Luis Saiz Luis Saiz , Stephen Hookings Stephen Hookings , Tash Norris Tash Norris |
| Remote Participants | Ernesto Bethencourt Ernesto Bethencourt |
What
IriusRisk provides its own approach to Threat Modeling. A Questionnaire based implementation linked to a Rules Engine, gives IriusRisk the power of scaling the Threat Modeling activity in an easy way. Integration with external tools (Issue Trackers, SAST, DAST, Testing frameworks, etc.) makes the follow up of those models an easy tasks as well.
Outcomes
During this session we’ll drive the attendants through the IriusRisk approach and the main core features of the solution.
Who
The target audience for this Working Session is:
- Developers
- Security professionals
- DevSecOps
- Security champions