We created a 1-day online threat modeling course specifically for agile development to improve reliability and security of delivered software. You will learn an iterative and incremental threat modeling method that is integrated in the development and deployment pipeline You will be challenged to perform practical threat modeling covering the different stages of threat modeling. Exercises are built upon a fictional Acme Hotel Booking (AHB) system, where we migrate a legacy client-server system towards a cloud based, micro service stack using AWS services:
Steven Wierckx is a software and security tester with 20 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. He spoke at Hack in the Box Amsterdam, hosted workshops at BruCON and DevSecCon (UK) and delivered threat modeling trainings at OWASP AppSec USA, OWASP AppSec Israel, BruCON and O’Reilly Security New Yo
