Threat modeling: the future of cybersecurity or another buzzword⎥Derek Fisher

This Youtube interview was with Derek Fisher. Derek is a speaker on various cybersecurity topics, and author of “The Application Security Handbook.”. Derek probes the value of threat modeling in securing apps.

Some takeaways are:
* Difficulties encountered by large enterprises
* How automation helps
* How practical experience and a technical background trumps certifications

https://youtu.be/vKCDusQf_1Y

#threat_modeling #cybersecurity

Registration for DC’s Next Top Threat Model @defcon is NOW OPEN! https://threatmodel.us/register/

#DEFCON #DEFCON31 #threatmodeling #threat_modeling #appsec #security #DCNTTM

Ready to strut your cybersecurity skills on the virtual runway? Let's see who can outsmart the defenses and sashay their way to the title of ultimate threat modeling superstar. Are you up for the challenge? Walk that firewall and show us your fiercest vulnerabilities!

Registration for DEFCON’s Next Top Threat Model @defcon is NOW OPEN!

https://threatmodel.us/register/

#DEFCON #DEFCON31 #threatmodeling #threat_modeling #appsec #security #DCNTTM

*Draw.io libraries for threat modeling*

This is a collection of custom libraries to turn the free and cross-platform Draw.io diagramming application into the perfect tool for threat modeling.

*Data Flow Diagrams*

Data Flow Diagramming is a simple diagramming technique used to gain an understanding of how data flows in an application or system. DFDs are excellent for getting a bird's-eye view of a system to facilitate threat modeling.

*Attack Trees*

Attack Trees are another kind of diagramming method that is great for exploring how a threat actor might attain a specific goal, or how an asset might be attacked.

#sdl #threat_modeling #attack-_trees #diagramming #data_flow-_diagram #drawio #dfd

https://github.com/michenriksen/drawio-threatmodeling