Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Back To Schedule
Thursday, September 26 • 2:35pm - 3:20pm
Threat Modelling Stories from the Trenches

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Threat modelling is a software analysis technique capable of finding design defects. But what sort of issues are uncovered in practice using threat modelling? This talk bridges the gap between theory and practice by describing case studies – design flaws uncovered for actual (but anonymised) systems across many domains, for example online gaming, two-factor authentication, business-to-business, embedded, and cloud. In this talk we are less concerned with theory. Instead, in this interactive session the attendee will gain insight into the mindset of threat modelling by considering mistakes in the real-world. Along the way we will (re)learn secure design principles and attack patterns and see how the theory is expressed in reality.

avatar for David Johannson

David Johannson

Principal Consultant, Synopsys
David Johansson has worked as a security consultant for over 10 years. Among other things, he has worked with software development and architecture, threat modeling, web security testing, and training developers and testers in security. David lives in London where he works as a Principal... Read More →
avatar for Andrew Lee-Thorp

Andrew Lee-Thorp

Mr Lee-Thorp is a software security consultant who started life as an ocean-atmosphere scientist, then as a developer and now works as a Principal Consultant at Synopsys where he performs code reviews, threat modelling, Android testing and trains developers to write secure code.

Thursday September 26, 2019 2:35pm - 3:20pm CEST