A Cat, a Dog, and a Roast Turkey: What’s in Your Threat Model?
One-Day Interactive (Classroom) Training - AppSec New Zealand Conference 2021
Dates: Wednesday, 10 February 2021
Time: 8:45 a.m. to 5:30 p.m. (NZDT)
Instructors: Wade Winright
Course Fee: NZ $450.00 (plus GST and ticketing fees)
Registration Site: https://events.humanitix.com/appsecnz-training
Maximum Enrolment: 65 attendees
What do the most effective red teams, blue teams, and engineers all have in common? Threat modelling. Two words wildly used, mostly misunderstood, and almost guaranteed to strike instantaneous yawns in most of the cyber/security field and community (when sadly, it is likely the most powerful non-deterministic tool available.) Attendees of this training workshop will leave prepared to address the needs of each of the three constituents previously mentioned.
Red team? Threat modelling is the place to start to enumerate the attack surface.
Blue team? Threat modelling is the place to determine what type of attackers you will most likely be facing.
Software Engineer/Developer? Threat modelling is the place to start securing your project from the ground up, providing resiliency and security assurances.
This is an engaging hands-on training with active participation. Attendees will work through the flow of creating threat models to facilitate ownership, perspective, and informed direction regardless of your station or mission. Student sourced options and live scenarios are encouraged; current examples we’re using today include substrate level concerns and threats to multi-tenancy, Nation States, various abstract situations, and coaching on how to use 0day in a FUD-free manner.
Based out of Auckland, Wade is a Director of Security Assurance at Salesforce who is passionate to make this series of tubes we call home a safer place for all, and has been modelling threats for far more years than he’d care to admit. Twitter: @vashta_nerdrada