Threat Modeling All Day! with Steven Carlson
Details
Abstract:
This talk demonstrates a threat modeling methodology tailored for the modern CI/CD pipeline, showing how engineering teams can bake security directly into their Software Development Life Cycle. We will explore how to create a unified platform—partially AI-assisted—to streamline the communication of architectural risks and coordinate mitigations within active sprints. By shifting security left, we don’t just address vulnerabilities earlier; we build a foundation of trust between engineering and security teams. In an ever-evolving landscape, this is one strategic evolution your team can implement to reduce risk without slowing down your path to market.
Bio:
Steven Carlson is a software engineer who is passionate about clean secure code. He is highly motivated to learn and mentor associates with a positive attitude. If Steven isn’t polishing software, he is speaking at local conferences or surfing the gravel seas on his gravel bicycle.