Abstract
Threat Modeling interacts with many other activities during a secure development lifecycle. For example, it can be a way to enforce security requirements or perform architecture assessment. Its versatility leads to many different implementations and approaches. Let’s discuss what managed to provide value in the real world, and what might have failed to.
This session is made to be a reverse panel discussion, where the audience is encouraged to bring their own stories and share them with the room. Host will provide structure and stories of his own.