International PHP Conference
The Conference for PHP and Web Development

Continuous Threat Modeling – Identifying Security Problems In An Agile Way

Until conference starts:
✓ 2-in-1 conference package
✓ Group discount
✓ Extra specials for freelancers
Register now
Bis Konferenzbeginn:
✓ 5-Tages-Special
✓ Kollegenrabatt
✓ Special Discount für Freelancer
Jetzt anmelden
Thank you for attending
✓ See you in 2022!
Danke für Eure Teilnahme
✓ Bis 2022!
Thursday, June 10 2021
09:45 - 10:30

Threat modeling is about identifying what bad can happen and what you can do about it. It can find logical flaws and reveal problems in architecture or software development practices. These vulnerabilities cannot usually be found by security tools or by penetration testers. Tools don’t solve all our problems yet: we also need the human brain. This is where threat modeling comes to play. Threat modeling helps you deliver better software, prioritize your preventive security measures, and focus your security testing on the riskiest parts of the system. The beauty of threat modeling is that you can assess security before you start the implementation work. Threat modeling shifts security left. The presentation covers various methods, such as evil user stories, for finding security and privacy threats. You will learn how to analyze your epics and user stories to continuously build a threat model that helps you identify what kind of security problems your system can face and what kind of protection you should design. The session also includes an interactive part where we’ll go through a threat modeling case example. Everyone can participate and find security threats from the system, share their ideas of possible attack scenarios, and suggest mitigations.

This Session belongs to the Diese Session gehört zum Programm vom BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Munich München .

Take me to the full program of Zum vollständigen Programm von Berlin Berlin .

This Session Diese Session belongs to the gehört zum Programm von BerlinBerlin program. Take me to the current program of . Hier geht es zum aktuellen Programm von Munich München or oder Berlin Berlin .

Stay tuned!

Behind the Tracks of IPC

PHP Core & Coding
Best practices & applications

General Web Development
Broader web development topics

DevOps & Continuous Delivery
Learn about DevOps and transform your development pipeline

Software Architecture
All about PHP frameworks, concepts & environments

Web Security
All about web security

Software Quality
More about software testing tools & strategies

Agile & Company Culture
Getting agile right is so important

Content Management Systems
Sessions on content management systems

#slideless (pure coding)
See how technology really works

PHP Frameworks
All about PHP Frameworks

Docker, Kubernetes, Cloud
Cloud-based & native apps