Threat Modeling for Secure Software Design by Robert Hurlbut

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven't quite figured out how to connect the threat models to real world software development and its priorities. In this session, you will learn practical strategies in using threat modeling in secure software design and how to apply risk management in dealing with the threats.

Bio: Robert Hurlbut is an independent software security consultant, architect, developer, and trainer through Robert Hurlbut Consulting Services. Robert is a Microsoft MVP for Developer Security and holds the (ISC)2 CSSLP certification. Robert has over 20+ years of industry experience in secure coding, software architecture, and software development and has served at times as a project manager, chief architect, and director of software development for several clients. Robert blogs at https://roberthurlbut.com/blog and shares links and other information on Twitter at https://twitter.com/RobertHurlbut . Robert also leads the Boston .NET Architecture Group in Waltham, MA and the Amherst Security Group in Western MA.