If it seems as though attacks are always getting better, it’s because they are. Computers, apps, networks, and connected devices are all subject to different types of threats. Systems are facing new threats from things such as voice cloning and computational propaganda. Not to mention the growing importance of threats “at the human layer.” All of this can make it hard to keep up, let alone get ahead of potential threats. So isn’t it time that the threat modeling used by security pros, developers and systems managers evolve? Join Derrick and Tom as they shares their knowledge and experience on threat modeling and learn what's new and important in threat modeling today. After attending this tutorial, you will go home with actionable ways to ensure your security engineering is up to date.
Tom Stiehm has been developing applications and managing software development teams for over twenty years. As CTO of Coveros, he is responsible for the oversight of all technical projects and integrating new technologies and testing practices into software development projects. Recently, Tom has been focusing on how to incorporate DevSecOps and agile best practices into projects and how to achieve a balance between team productivity and cost while mitigating project risks. One of the best risk mitigation techniques Tom has found is leveraging DevSecOps and agile testing practices into all aspects of projects. Previously, as a managing architect at Digital Focus, Thomas was involved in agile development and found that agile is the only methodology that makes the business reality of constant change central to the process.