Name: Threat Modeling in a Zero Trust World
Start: 2023-09-21T12:00:00-04:00
End: 2023-09-21T13:00:00-04:00

Zero trust is all the rage. Nevertheless, zero trust has vast implications for AppSec and threat modeling. Zero trust threat modeling means the death of the trust boundary and assumes attackers are in the environment, and data sources and flows can no longer hide.
Apply the concept of zero trust to threat modeling by understanding what changes and considering a threat model of the zero-trust architecture. Explore new design principles in a zero-trust threat model and apply a mnemonic and taxonomy of threats impacting zero-trust applications.
Long live the threat model, but say goodbye to the trust boundary.

Steve Pinkham

OWASP Triangle Chapter

OWASP® Foundation 

Technology

OWASP

Web Application Security

Application Security

Software Security

Web Application

Information Security

Computer Security

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications. For more information, see [https://www.linkedin.com/in/securityjourney/](https://www.linkedin.com/in/securityjourney/)

Chris Romeo

Threat Modeling in a Zero Trust World

Online event

Share this event

Threat Modeling in a Zero Trust World

Details