Diffing and Version Control Threat Models


A threat model should be a living artefact that evolves with the project, but how can we achieve this with the available tools? We need some best practices that teams can adapt, if we want threat modelling to become a wide-spread practice.

Why

We tell teams to make their threat model a living artefact, but what are the actual practices and techniques to do that?

What

…what text…

Outcomes

Recommendations documented at OWASP pages Either based on current tools capabilities, or at least set of requirements we’d want implemented in TM tools

Who

The target audience for this Working Session is:

Participants in the threat modeling track Participants in agile appsec track


Working materials

Here are the current ‘work in progress’ materials for this session

(please add as much information as possible before the sessions)

Content

…add content…



Back to list of all Working Sessions and Tracks

Edit this page here