As attendees probably understand, DevOps isn’t really about automation. But, we’ve all heard claims that “everything in DevOps can be, and must be automated”. On the other hand, threat modelling has a reputation for being an expert only, almost mystical practice that only the initiated manually perform, off in some isolated corner.
It might seem that DevOps and threat modelling are opposing forces? It doesn’t have to be. Find out how most of us intuitively threat model as a matter of living. Plus, thankfully, some threat modelling tasks can be automated: the tool set is maturing rapidly. Indeed, some parts of many models can be generated through the existing tool set, some of which are open source or free. For that which must be accomplished manually, there are proven DevOps-friendly approaches.
There really are “right DevOps methods” and, sadly, “wrong ways” that just won’t work. Join author, Brook S.E. Schoenfield for an in-depth look at DevOps threat modelling.
📚 What will you learn?
✅ Interactively participate in threat modeling
✅ Automated activities in threat modeling
✅ Open source and commercial threat modeling tools
✅ Field-proven threat modeling approaches