Please join us on Friday, October 30th, 2020 for “Hacking Bad Threat Modeling: An hour of critical thinking about the worst ways to identify what could go wrong”.
It all starts at 10 AM Pacific/1 PM Eastern and we go for one hour. And at 11 AM Pacific/1 PM Eastern we’ll have impromptu 1-on-1 meetings where everyone will be randomly paired for five 5-minute meetings. Nothing to prepare, we’ll do the matching.
This conversation is for people completely clueless about threat modeling and those seasoned professionals who are kind of fed up with the confusion that’s making them clueless. Why are experts so emphatic about one threat modeling technique over another? What’s right for me?
Joining me for this discussion will be:
- Archie Agarwal (@myappsecurity), CEO, ThreatModeler Software
- Adam Shostack (@adamshostack), Author, Threat Modeling: Designing for Security
Here are some questions to consider prior to our conversation:
- What makes a threat model “bad”?
- Can a threat model be bad for one company but perfect for another? Is that possible among similar companies in the same industry?
- How do we make positive change in threat modeling?
- There’s a lot of debate and expertise around a variety of threat models. Who do I trust?
- What are the things you need to capture in a threat model? What do I need to consider?
- What should a newbie be looking at so they’re not overwhelmed and confused with threat modeling?
Special thanks to our sponsor, ThreatModeler Software
- Best bad ideas get first responses in “Department of YES”.
- The BEST bad idea wins an award and a $25 Amazon gift card.
The CISO Series Video Chats are open discussion where all viewers and listeners are welcome to become participants. Before the scheduled event, connect your webcam and microphone (avoid Bluetooth) and test your equipment here. During the discussion, if you have a question or comment, let it be known in the chat room and our producer will do his best to get as many of you into the conversation. We look forward to you joining us.