Properly securing your applications and data require an understanding of the threats facing them. Threat modeling is the methodology for identifying and quantifying the threats your application can and will face. There are a number of resources available for performing a threat model but this session will get you started building a strategy from nothing.

Comments

Please login to leave a comment

Chris Abbey at 13:06 on 21 May 2025

Eric certainly got folks attention with his opening story... mind blowing results there.

Then a great tour of how to prevent someone telling that same story about YOU in the future, or worse. I took at least one immediate todo in the middle of the talk... and probably a few more when we get home.

Andrew Easton at 13:20 on 21 May 2025

great talk covering multiple steps for security threat modeling and testing. particularly enjoyed the opening credit card story

Thanks for the talk! This gave me a lot to think about and how I can bring some of these concepts back to my team and organization.

Andrew Woods at 21:00 on 21 May 2025

I really enjoyed this one. Security is one aspect of development and general computering I wish I knew much more about. It's quite scary to discover what's possible, and what some people are actually inflicting upon others. So it's great to hear Eric talk about it, and to give us all the information on how to protect our projects.

s w at 22:28 on 22 May 2025

Broad coverage for a 1 hour talk.