Getting developers to think more defensively about their code is sometimes difficult. And with impending deadlines, its almost impossible to get them to do any sort of threat modelling. In this session, Dana will walk attendees through exploring how to use basic data flow diagrams (DFD) and the Elevation of Privilege (EoP) card game to collect the basic information needed and then show how to transpose that into Microsoft’s next generation SDL Threat Modelling tool. Attendees should come prepared to play a few hands of EoP and learn how to have fun when threat modelling.
Speaker: Dana Epp
Date & Time: Wednesday, 2014/09/17, 6:30 PM [Welcome time 6:15 PM]
Location: Building SW1, Room 1021, BCIT Burnaby Campus, 3700 Willingdon Ave, Burnaby, BC, V5G 3H2
Registration: http://threatmodelling.eventbrite.ca
Sponsor: Pizza & pop is sponsored by TEKsystems
Speaker Biography
Dana Epp is the “Principal Architect – Identity & Access Management” at Kaseya, where he focuses on the architecture and security of the next generation identity and access management platform for cloud-based IT management. He has spent the last 25 years focusing on software security and has been awarded the recognition and designation by Microsoft as an Enterprise Security MVP for the past nine years.
