Robert Hurlbut - Is Threat Modeling for Me? - May 9, 2015

Security BSides Boston - Is Threat Modeling for Me? - May 9, 2015

Is Threat Modeling for Me? Slides: Pdf

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. Yet, often many software shops either skip the important step of threat modeling in secure software design or, after creating pretty diagrams, forget the models to do the "real work" of writing software without understanding potential problems. Based on last year's excellent book on Threat Modeling: Designing for Security by Adam Shostack, this session introduces threat modeling and creating threat models as a part of secure software design. We will also cover how to track threat models and some strategies for applying risk management in dealing with the threats.


Video of Robert Hurlbut, Recorded by IronGeek.com


Hi, I am Robert Hurlbut, a software security consultant, architect, speaker, trainer, and Microsoft MVP. I help teams design secure software and applications using Threat Modeling, write secure software through consulting and mentoring, and make sure developers and other staff are secure through training. Learn more about me.
View Robert Hurlbut's profile on LinkedIn

What's New?

8/1/2017: Introduction to Personal Digital Privacy and Security at Danbury Area Computer Society (DACS), Danbury, CT.

7/15/2017: Developing a Threat Modeling Mindset at BSides Chicago 2017.

7/1/2017: Robert was named a Microsoft MVP for Developer Security / Visual Studio and Development Technologies for 2017-2018 (3rd year in a row).

6/14/2017: OWASP Review slides from Amherst Security Group.

Sign up to be notified of updates


Upcoming Speaking / Training

9/11/2017
DevSecCon Boston, Boston, MA
Threat Modeling Workshop

9/17/2017
Vermont Code Camp 2017, Burlington, VT
Threat Modeling for Secure Software Design

9/19/2017
AppSecUSA 2017 Developer Summit, Orlando, FL
Developer Summit - Workshop on Using OWASP Threat Dragon for Threat Modeling

10/5/2017
New York Metro Joint Cyber Security Conference 2017, New York City, NY
Developing a Threat Modeling Mindset

10/6/2017
BSides DC 2017, Washington, DC
Real World Threat Modeling - Workshop

10/7/2017
BSides CT 2017, Southington, CT
Developing a Threat Modeling Mindset

10/24/2017
Lonestar Application Security Conference, Austin, TX
Threat Modeling for Secure Software Design

Contact Robert to speak to your group. Robert Hurlbut - Contact
More? See Speaking Schedule