Is threat modelling too tough to produce actionable results? Is it too overbearing on resources? Does it demand too much documentation?
Architects and developers often perceive threat modelling as being too difficult, heavy on documentation, and costly to both produce an initial threat model from a clean slate and to maintain it as the system evolves.
During this talk, we’ll attempt to bust these myths and show how organizations can incrementally obtain better results over time while making threat modeling “seem easy.”