Attending this event?
Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Tuesday, September 24 • 8:00am - Wednesday, September 25 • 5:00pm
Hands-on threat modeling and tooling for DevSecOps

Sign up or log in to save this to your schedule and see who's attending!

This action-packed two-day threat modeling course is designed specifically to help DevOps engineers improve the reliability and security of delivered software. Sebastien Deleersnyder teaches an iterative and incremental threat modeling method that is integrated with the development and deployment pipeline.
Speed of delivery is crucial with shorter development cycles, increased deployment frequency, and more dependable releases, and Sebastien focuses on a risk-based unified threat modeling practice that is in close alignment with business objectives. You’ll explore tools and learn how to use threat modeling as code to integrate threat modeling in the CI/CD pipeline; you’ll also discover how to threat model the CI/CD pipeline itself.
Sebastien bases the training material and hands-on workshops on real live use cases in his experience. You’ll be challenged to perform practical threat modeling in squads of three to four people, covering the different stages of threat modeling on an incremental business-driven CI/CD scenario:
Sprint 1: Modeling a hotel booking web and mobile application, sharing the same REST backend
Sprint 2: Threat identification as part of migrating the booking system application to AWS
Sprint 3: AWS threat mitigations for the booking system built on microservices
Sprint 4: Building an attack library for CI/CD pipelines

Handouts, templates, and lab challenges will be made available before the training.

avatar for Sebastien Deleersnyder

Sebastien Deleersnyder

Managing partner Application Security, Toreon
Seba is co-founder, CEO of Toreon and a proponent of application security as a holistic endeavor. He started the Belgian OWASP chapter, was a member of the OWASP Foundation Board and performed several public presentations on Application Security. Seba also co-founded the yearly security... Read More →

Tuesday September 24, 2019 8:00am - Wednesday September 25, 2019 5:00pm
Feedback form isn't open yet.

Attendees (5)