Threat Modeling Where do I Start?
Single most common question I get from Developers
In order to run, you need to learn to walk. For an organization / group to understand and use Threat Modeling, they need to know where to start.
- What are some guidelines could we provide to help teams get started?
- What tools do they need?
- What people should be involved?
- For starting threat modeling on existing project/codebase - how to start without the need to cover everything (a bit similar to introducing tests to legacy software, but not quite).
- security SMEs
- SCRUM masters
- security champions
Back to list of all Working Sessions and Tracks
Edit this page here