Diffing and Version Control Threat Models
A threat model should be a living artefact that evolves with the project, but how can we achieve this with the available tools? We need some best practices that teams can adapt, if we want threat modelling to become a wide-spread practice.
We tell teams to make their threat model a living artefact, but what are the actual practices and techniques to do that?
Recommendations documented at OWASP pages Either based on current tools capabilities, or at least set of requirements we’d want implemented in TM tools
The target audience for this Working Session is:
Participants in the threat modeling track Participants in agile appsec track
Here are the current ‘work in progress’ materials for this session
(please add as much information as possible before the sessions)
Back to list of all Working Sessions and Tracks
Edit this page here