27. September 2018 - 18:00 till 20:00
Share it on:

OWASP Vancouver - Threat Modelling Gamification: How to get developers to think differently at secure coding | OpenDNS/CISCO | Thursday, 27. September 2018

Speaker: Dana Epp
Abstract: The concept of writing safer, more resilient software against the threat landscape of today is a daunting task. Especially when tight budgets and deadlines are constantly under pressure and the rapid adoption of faster release cycles makes it far too easy to 'skip' thinking about the security of the systems and data we rely on to deliver our software. In this session, Dana will introduce threat modeling in a way to help you educate your developers and DevOps on how to look for threats and how to think like an attacker, all while having a bit of fun. From learning how to draw developers in with gamification using a simple card game called 'Elevation of Privilege' that focuses on identifying threats in your software to leveraging free tools published by Microsoft to aid you in documenting and responding to such threats, you will walk away with a better understanding of how to look at your software more defensively. Practical exercises and real world discussions will strengthen the presentation and re-enforce the learning objective... to write safer, more secure software in every sprint.
Speaker Bio: Dana Epp has spent decades as an architect that focuses on helping secure software, data and infrastructure. When he's not helping to build and grow software companies he's advising others on adapting and embracing the ever changing landscape of IT. As both a Microsoft Regional Director and Azure Security MVP, he spends a great deal of time on security engineering in the cloud, focused on building safe, decoupled systems. His latest project is a cloud threat protection platform for Azure, which you can check out at . You can also follow him at .
Live streaming: check out our YouTube channel here.
Thank you: OpenDNS/CISCO Smith for hosting and providing pop/pizza, George Pajari for streaming, and Jeevan Singh and all the volunteers for helping make this happen!
OWASP Vancouver Web site can be found here, where you can find more info and stay connected with us.