OWASP Meeting in Krakow - Threat Modeling

Hi,
This time we will focus on threat modeling - a proactive technique of risk analysis which could help to determine and fix potential vulnerabilities before they will even appear in the code, configuration or architecture.
Nowadays "threat modeling" has become a trendy buzz word. During our meetup we will try to uncover it's real meaning and discuss how to practically implement threat modeling in software development lifecycle.

Agenda:

1. Threat modeling for application security – a case study
   Marta Rusek (Senior Cloud Security Engineer) & Wiktor Cudek (Principal Cloud Security Engineer) - Pegasystems.
   Threat modeling is one of the parts of the SDLC process, that embed security throughout early stages of development. Thanks to that, we are able to detect potential problems at the beginning and avoid a lot of changes on the advanced maturity of the product.
   The goal of this presentation is to compare the most well-known Threat
   Modeling methodologies, their strong and weak sides. Based on our knowledge, we will compare these methods with the process and tools that are used in our company, and share our experience based on the work with development teams.
2. After the break, we will host a discussion about threat modeling. Share our experiences with TM. When it's applicable. How to start doing TM in your project? Which techniques and methodologies works and when? What should be our goals? Is it possible to simplify the threat modeling process? That's just example of questions that we want to ask.

Please RSVP and save the date!
If you have a minute, please share this invitation with friends and in your social media.