Firetalk #5: Slash AppSec Costs, Free Threat Modeling & Compliance Data Output

Presented at ShmooCon XIII (2017), Jan. 13, 2017, 9:20 p.m. (20 minutes).

A work in progress tool will be demonstrated. It enables modeling application/system security requirements, then expands the list of requirements to a more actionable list for design, risk-benefit trade-off analysis, testing and compliance purposes. Security functional requirements libraries and threat modeling mitigation libraries will be community maintained.


Presenters:

  • John Willis
    John M. Willis is a security architect who seeks to build security in by coming up with new and different ways of looking at things.

Similar Presentations: