AppSec Village - Threat Modelling the Death Star

Cite

DEF CON

Areias, Mario

Formal Metadata

Title

AppSec Village - Threat Modelling the Death Star

Title of Series

DEF CON Safe Mode

Number of Parts

374

Author

Areias, Mario

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/51610 (DOI)

Publisher

DEF CON

Release Date

2020

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

It is a known fact the Empire needs to up their security game. The Rebellion hack their ships, steal their plans, and even create backdoors! In this talk, we will help the Empire by threat modeling the Death Star. Traditionally, Threat Models have been a slow and boring process that ends up with a giant document detailed any possible security problem. This approach, although useful in the past, is not necessarily good in an ever-changing environment (or when you have Jedis as enemies!). I will introduce Attack Trees and how they can fit in nicely in a DevOps world. Come and join the Dark Side! We might save the Empire after all!