Watch this on-demand Webinar now!
Traditionally, we perform threat modeling using some type of predefined framework like STRIDE to make a data flow diagram and recommend mitigation. The challenge with this threat modeling approach is that it doesn’t fit easily in a fast-moving DevOps pipeline. For DevOps to work effectively, artifacts are considered to be a minimum viable product agreed upon for delivery. In the case of threat modeling, we need to fit into this rapid cadence that emphasizes scalability and is also lean.
In this webinar, we will discuss strategies for closing the gap, such as policy-driven development and business risk filtration, to scale our threat modeling approach and maximize the potential for automation.
Expected Learning
- Why is traditional threat modeling not good enough?
- How do you connect business risk with threat modeling?
- How do you scale your threat modeling approach?
About Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is a trusted Developer-centric eLearning solutions provider, offering a full suite of on-demand, role-based courses that cover various programming languages, cloud solutions, and IaC tools. For more information, please visit www.securitycompass.com