Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven't quite figured out how to connect the threat models to real world software development and its priorities. In this session, you will learn practical strategies in using threat modeling in secure software design and how to apply risk management in dealing with the threats.

Robert Hurlbut is an independent software security consultant, architect, developer, and trainer at Robert Hurlbut Consulting Services. Robert is a Microsoft MVP for Developer Security and holds the (ISC)2 CSSLP certification. Robert has over 20+ years of industry experience in secure coding, software architecture, and software development and has served at times as a project manager, chief architect, and director of software development for several clients. Robert blogs at Roberthurlbut.com and shares links and other information on Twitter at @RobertHurlbut.

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven't quite figured out how to connect the threat models to real world software development and its priorities. In this session, you will learn practical strategies in using threat modeling in secure software design and how to apply risk management in dealing with the threats.

Back to Converge 2016 video list