| Track: | Threat Model |
|---|---|
| When: | Tue PM-1 |
| Where: | Kings |
| Organizers | Steven Wierckx Steven Wierckx |
| Participants | Chris Allen Chris Allen , Adam Shostack Adam Shostack , Andrew Johnstone Andrew Johnstone , Aurelijus Stanislovaitis Aurelijus Stanislovaitis , Fabien Thalgott Fabien Thalgott , Imran Chaudhari Imran Chaudhari , Luis Saiz Luis Saiz , Ruben Tronçon Ruben Tronçon , Stuart Winter-Tear Stuart Winter-Tear , Tash Norris Tash Norris |
| Remote Participants | Ethan Schorer Ethan Schorer , Joset Zamora Joset Zamora , Lubo Vikev Lubo Vikev , Salma jalouqa Salma jalouqa |
Why
We all love Cheat Sheets. They are great to use when you need it but they are also great to learn because they force us to summarize the most important points.
What
- What are the main Threats against an API?
- Can we find common Threats that apply to APIs?
- Are there generic Threats we could check for applicability?
- Could we organize the Threats in Risk Patterns for APIs?
- Can they be summarized on a Cheat Sheet form?
Outcomes
A Cheat Sheet covering most common threats against APIs.
Register as participant
To register as participant add API Threat Modeling Cheat Sheet to either:
- the
sessionsmetadata field from your participant's page (find your participant page and look for the edit link). - or the
participantsmetadata field from this git session page
Back to list of all Working Sessions