Robert Hurlbut - Is Threat Modeling for Me? - May 9, 2015

Security BSides Boston - Is Threat Modeling for Me? - May 9, 2015

Is Threat Modeling for Me? Slides: Pdf

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. Yet, often many software shops either skip the important step of threat modeling in secure software design or, after creating pretty diagrams, forget the models to do the "real work" of writing software without understanding potential problems. Based on last year's excellent book on Threat Modeling: Designing for Security by Adam Shostack, this session introduces threat modeling and creating threat models as a part of secure software design. We will also cover how to track threat models and some strategies for applying risk management in dealing with the threats.

Video of Robert Hurlbut, Recorded by

Hi, I am Robert Hurlbut, a software security consultant, architect, speaker, trainer, and Microsoft MVP. I help teams design secure software and applications using Threat Modeling, write secure software through consulting and mentoring, and make sure developers and other staff are secure through training. Learn more about me.
View Robert Hurlbut's profile on LinkedIn

What's New?

7/15/2017: Developing a Threat Modeling Mindset at BSides Chicago 2017.

7/1/2017: Robert was named a Microsoft MVP for Developer Security / Visual Studio and Development Technologies for 2017-2018 (3rd year in a row).

6/14/2017: OWASP Review slides from Amherst Security Group.

Sign up to be notified of updates

Upcoming Speaking / Training

Mobile Apps for Hartford, Trinity College, Hartford, CT
Mobile Apps Testing for Security

Danbury Area Computer Society, Danbury, CT
Introduction to Personal Digital Security and Privacy

Boston .NET Architecture Group, Waltham, MA
Website Application Performance

DevSecCon Boston, Boston, MA
Threat Modeling Workshop

AppSecUSA 2017 Developer Summit, Orlando, FL
Using OWASP Threat Dragon for Threat Modeling

Contact Robert to speak to your group. Robert Hurlbut - Contact
More? See Speaking Schedule