CHAPTER VIRTUAL MEETING
May 19, 2021
When: May 19, 2021
Time: 04:00 PM Pacific Time
Presenter: Izar Tarandach & Matthew Coles
Topic: Threat Modeling: A Manifesto And Some Code
Meeting Agenda: (All times Pacific)
04:00 PM - 04:20 PM: Welcome/Meet & Greet
04:20 PM - 04:30 PM: Chapter Business
04:45 PM - 05:00 PM: Chapter Election Announcements
05:00 PM - 06:00 PM: Presentation and Discussion - Threat Modeling: A Manifesto And Some Code
Topic
Threat Modeling: why we think it matters for you, and why we wrote a book about it. Modeling: how to model your system in an expressive way Eliciting threats: what are some of the major approaches in use? How can it be done closer to the developer and at Agile speed? The Threat Modeling Manifesto: the distilled wisdom of dozens of collected years of threat modeling, in an easily consumable format - why it was written, what it is, and how can you benefit from it? Evolution: Automated threat analysis using an open source tool(pytm). We will talk through the making of pytm and then do a demo.
Speaker Biography
Matthew Coles (he/him) is a security professional focused on the security of physical devices and the ecosystems and processes that enable them to operate. He has an advanced degree in Computer Science from WPI, and maintains a CSSLP certification.
Izar Tarandach (he/him) has peeked and poked at security from various sides over the last couple of decades, currently focusing on modern SDLC's and how AppSec extrapolates onto the larger scheme of Security. He has a MSc in Computer Science/Security from Boston U.
Izar and Matt have collaborated on security techniques and training for the past 10 years, co-authoring a book on Threat Modeling, and an open source threat modeling automation system, pytm.