Breaking Down Threat Modelling Barriers in Agile AppSec


October 13, 2022 | 11:00 a.m. – 12:00 p.m. ET | (Webinar)

Why is threat modeling often misunderstood—or even worse, neglected—in agile product engineering? Kroll application security expert Rahul Raghavan breaks down threat modeling barriers and outlines a more effective approach for agile application security.

Register now
Breaking Down Threat Modelling Barriers in Agile AppSec

“There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.” - CAR Hoare

Threat modeling has long been a “design level” activity that fits in right at the beginning of a well-defined application security strategy. However, the current speed and scale of product and security engineering has forced software teams to overlook this very critical element of software security...and rightfully so!

In this webcast, we dive into the world of application threat modeling, sharing insights on and demystifying the chatter that product teams have been exposed to and expanding on some of the cause and effects of threat modeling not seeing its rightful place in agile product engineering. The presentation also examines two schools of thought—component-driven threat modeling and offense-driven (abuser case) threat modeling—as well as their unique use cases and applicability.

Key Takeaways

  • The context of threat modeling in today’s context of product engineering
  • The problem with threat modeling (as we know it)
  • A comparison of component-driven and defense-driven threat modeling
  • Threat modeling as a route to better test case design and automation

Register now

2022-10-13T00:00:00.0000000 0001-01-01T00:00:00.0000000 /-/media/kroll-images/events/webcast-breaking-down-threat-modelling-barriers-in-agile-appsec.jpg /en/insights/events/2022/webcast-breaking-down-threat-modelling-barriers-in-agile-appsec event {E39587AD-8F0B-4FE2-865F-969BC5501096} {0D8F5BE3-DF68-470D-ADFF-536F0505BF20} {B1FF17CC-D957-458C-A381-D10935C635C8} {CD3C27EF-43D7-41EF-9C4B-AEF530E65202} {A3E80394-4BDC-4E1D-8266-0653FE885E69} {2F9D4938-E5F0-4F9C-9A20-C4A5DCF79130} {70E25357-B690-49B8-948F-958DAD26DCD4} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Connect with us

Rahul Raghavan
Rahul Raghavan
Senior Vice President
Cyber Risk

Stay Ahead with Kroll

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

System Assessments and Testing

Kroll’s field-proven cyber security assessment and testing solutions help identify, evaluate and prioritize risks to people, data, operations and technologies worldwide.

Cyber Governance and Risk

Manage cyber risk and information security governance issues with Kroll’s defensible cyber security strategy framework.

Ransomware Preparedness Assessment

Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.

Incident Response Retainer

Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.