Threat Modeling Lessons from Star Wars (and Elsewhere)

Adam Shostack

Microsoft

Thursday, March 6
2:30 p.m., Lecture Hall

Everyone knows you ought to threat model, but in practical reality it turns out to be tricky. If past efforts to threat model haven't panned out, perhaps part of the problem is confusion over what works, and how the various approaches conflict or align. This talk is designed to help security pros, developers, and systems managers, all of whom will leave with both threat modeling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.

Bio:

Adam Shostack is the author of Threat Modeling: Designing for Security. He helped found the CVE, the Privacy Enhancing Technologies Symposium and the International Financial Cryptography Association. Shostack has been a leader at a number of successful information security and privacy startups, and is co-author of the The New School of Information Security. He is currently a program manager at Microsoft, where among other accomplishments, he shipped the Microsoft Security Development Lifecycle (SDL) Threat Modeling Tool and the Elevation of Privilege threat modeling game. He tweets as @adamshostack.

Main menu

News and Events

Threat Modeling Lessons from Star Wars (and Elsewhere)

Adam Shostack

Bio:

Quick Links

Research Areas

Projects

Visitor Information

Follow ICSI

Search form

Main menu

News and Events

Threat Modeling Lessons from Star Wars (and Elsewhere)

Adam Shostack

Bio:

Quick Links

Research Areas

Projects

Visitor Information

Follow ICSI