How to take your first steps in threat modelling, or an opportunity to extend and/or reorient an existing threat modelling programme.
Systems created by humans will contain flaws. In order to shine a light on these flaws, you can use a technique called threat modelling. There are hundreds if not thousands of different threat modelling methods that can be used to tease apart the structure of a system in search for security issues. In this talk, we will cover the key principles behind these methods, enabling anyone to study and mend the architecture of a system. In covering the basics, we will also critically reflect on the direction of much research and practice, sketching the relevance of threat modelling for addressing contemporary challenges and highlighting the role that you can play in making a security impact.
*As preparation for or follow-up of this talk, [see this recorded training](https://archive.org/details/getting_started_with_threat_modelling).*
*The recorded training can be watched either before or after the live talk. The talk takes a more reflective and critical look at threat modelling, diving into its underlying history and the current state of research, while also providing a space for Q&A and the sharing of experiences.*
about this event: https://events.ccc.de/congress/2023/hub/event/getting-started-with-threat-modelling/
Systems created by humans will contain flaws. In order to shine a light on these flaws, you can use a technique called threat modelling. There are hundreds if not thousands of different threat modelling methods that can be used to tease apart the structure of a system in search for security issues. In this talk, we will cover the key principles behind these methods, enabling anyone to study and mend the architecture of a system. In covering the basics, we will also critically reflect on the direction of much research and practice, sketching the relevance of threat modelling for addressing contemporary challenges and highlighting the role that you can play in making a security impact.
*As preparation for or follow-up of this talk, [see this recorded training](https://archive.org/details/getting_started_with_threat_modelling).*
*The recorded training can be watched either before or after the live talk. The talk takes a more reflective and critical look at threat modelling, diving into its underlying history and the current state of research, while also providing a space for Q&A and the sharing of experiences.*
about this event: https://events.ccc.de/congress/2023/hub/event/getting-started-with-threat-modelling/