Threat Modeling

This track is focused on Threat Modeling Playbook

TitleTrackYearMonth
A perspective on automating 3rd party risk assessment. How to free up your staff, and improve speed by automaton with guardrails.Governance2021Apr
Agile Threat Modeling with Open-Source ToolsThreat Modeling2021Jun
Agile Threat Modeling with Open-Source ToolsThreat Modeling2021Nov
AI ML European regulation2021May
AMA with Jeremiah GrossmanDevSecOps2021Jan
AMA with Jim ManicoDevSecOps2021Jan
AMA with OWASP Board2021Jan
AMA with Simon WardleyWardley Maps2020Dec
ASVS User Stories creationOwasp2021
ASVS User Stories creationOwasp2021May
ASVS User Stories creationOwasp2021May
ASVS User Stories creation (part 1)2021Apr
ASVS User Stories creation (part 2)2021Apr
ASVS User Stories creation - Part 6Owasp2021Jun
ASVS User Stories creation - Part 7Owasp2021Sep
ASVS User Stories creation - Part 8OWASP2021Nov
Automating SOC2 using JiraGovernance2021Jan
Bakeoff - Anti-virus vs CDR vs SandboxingContent Disarm & Reconstruction2020Jun
Beginners Threat ModelingThreat Modeling2021Jun
CDR API StandardCDR2021May
CDR Engine Standard (Part 1)CDR2020Dec
CDR Engine Standard (Part 2)CDR2021Jan
Challenges in IoT security: from infinite recommendations to a plethora of implementationsGovernance2021Jun
Check out their (lateral) moves! The importance of blast radius in DevSecOpsDevSecOps2021Nov
CISO RoundtableGovernance2022Mar
Compliant Kubernetes - Case StudyDevSecOps2021Apr
Content Delivery & Security AssociationGovernance2021Sep
Cooking the perfect docker container for a react appKubernetes2021Nov
Creating 1 million kubernetes pods - Lessons learnedDevSecOps2021Apr
Creating a Scalable API Test Framework using AWS and ElasticDevSecOps2021Nov
Creating Secure Builds of ContainersDevSecOps2020Dec
CTO RoundtableGovernance2022Mar
CVE CWE CVSS CWSS where do I look first?Governance2021Nov
Developing Secure Multi-Cloud Kubernetes ApplicationsKubernetes2021Nov
Distroless ContainersOwasp2021May
DSOMM News and Belts-WorkshopDevSecOps2021Sep
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with SemgrepDevSecOps2020Dec
Encrypted Calendars - the need and consequencesGovernance2020Dec
For bugs start with a passing test (and 99% code coverage)Owasp2021May
Going Multicloud: Securing Human and Service Identities in AWS vs AzureDevSecOps2021Nov
Graph Based Vulnerability ManagementGovernance2021Apr
Hacking threat modelingThreat Modeling2021Sep
How Owasp can help Security Teams - DevSecOpsOwasp2020Dec
How Owasp can help Security Teams - DevSecOps2021Jan
How Owasp can help Security Teams - Guides and Testing ToolsOwasp2020Dec
How Owasp can help Security Teams - Guides and Testing Tools2021Jan
How Variant Analysis and CodeQL helped secure the fight against COVID-19DevSecOps2021Jan
Introduction into OWASP DSOMM2021Apr
Keynote - Open Security Summit 2020Keynotes2020Jun
Learn Threat Modeling using the amazing OSS resourcesThreat Modeling2021Nov
Managing projects using Github Issues and ZenHubOwasp2021May
Maturity Mapping: Contextualise change and learningWardley Maps2021Jan
Mitigating Risks Through Open-Source Bitcoin TracingDevSecOps2021Apr
Modern Office SpacesGovernance2021Apr
Moldable development with Glamorous Toolkit Part 12021Mar
Moldable development with Glamorous Toolkit Part 22021Mar
Moldable development with Glamorous Toolkit Part 32021Mar
New OSS ProjectsMisc2021Sep
OSS - Celebrating the Community and plans for 20222021Nov
OSS DevSecOps projetDevSecOps2021Sep
OSS OWASP ProjectOWASP2021Sep
OSS Semgrep projectSemgrep2021Sep
OSS Threat Modeling and Moldable Development ProjectsThreat Modeling2021Sep
OWASP DSOMM Enhancement WorkshopDevSecOps2021Apr
Owasp O2 Platform tools you can use today2021Apr
OWASP Security Bot - Hypercharge your Cloud AutomationOWASP2022Jan
Panel - Prioritizing Risks and Vulnerabilities based on ContextRisk and Governance2021Nov
Playing at Security: Designing, building, and running tabletop scenarios for fail-safe incident handling and incident response trainingSecure by Scenario2020Nov
Positive Security models and Rebuilding into a "Known Good" stateCDR2021May
Pyroscope internals and Using Pyroscope for real-time view of Cloud/Serverless ApplicationsDevSecops2021Mar
Reciprocity: Tales of an Anthropologist in CybersecurityGovernance2021Jun
Refresher on Security LabelsSecurity Labels2020Nov
Remote Threat ModelingThreat Modeling2021Jan
Rules & Recommendations: Are we pushing our new IoT device out correctly?Governance2021Jun
Scaling Incident Response using Jira, Jupyter and GSuiteDevSecOps2021Jan
Scaling Kubernetes - One Pod per fileDevSecOps2021Jun
Scaling Threat Models visualisations using PlantUML and VisJSDevSecOps2020Dec
Scaling Your Security Program with SemgrepDevSecOps2021Jun
Schrems II - Finding workable solutionsSchrems II2020Dec
Schrems II - Finding workable solutionsSchrems II2021Jan
Schrems II - Transfer risk triage and other adventures in scopingSchrems II2021Mar
SDA SE Cluster Scanner is going Open SourceDevSecOps2021Mar
Secure Access to Kubernetes pods using teleportDevSecOps2021Jul
Secure By ScenarioSecure by Scenario2021Apr
Secure By ScenarioSecure by Scenario2021Jan
Secure By ScenarioSecure By Scenario2021Jun
Secure By ScenarioSecure by Scenario2021Mar
Secure By ScenarioSecure by Scenario2021May
Secure by ScenarioSecure by Scenario2020Oct
Secure by Scenario - Data breach at the North PoleSecure by Scenario2020Dec
Security Labels & Schrems IISecurity Labels2020Nov
Security-Scan your production imagesDevSecOps2021Sep
SOC2 Certification for SaaS companiesGovernance2020Dec
Sonar Cube Integrations with GitHubDevSecOps2020Dec
Spreading security across the SDLC (with semgrep and other tools)DevSecOps2021Mar
Testing Ephemeral Kubernetes ApplicationsDevSecOps2021Jun
The Modern Data Broker LandscapeGovernance2021Apr
The OWASP Top Ten 2021 ReleaseOWASP2021Nov
The RATs and CATs of Risk - Graph based Risk FrameworkGovernance2021Apr
Threat mapping - A workshop discussionThreat Modeling2021Nov
Threat Modeling for Schrems IIThreat Modeling2020Nov
Threat Modeling Glasswall Cloud SDKThreat Modeling2021May
Threat Modeling Glasswall DesktopThreat Modeling2020Dec
Threat Modeling Glasswall Folder-to-Folder PluginThreat Modeling2021May
Threat Modeling ManifestoThreat Modeling2020Dec
Threat Modeling PlaybookThreat Modeling2020Oct
Threat Modeling tool - IriusRisk Community EditionThreat Modeling2022Jan
Threat Modeling Using Glamorous ToolkitThreat Modeling2021May
Threats categorization, pitfalls, different ways of applying it in practiseThreat Modeling2021Jan
Using Domain Specific Languages (DSL) for testingDevSecOps2021Jan
Using Elastic and Kibana for Scale and Security VisualisationDevSecOps2021Nov
Using Jira to Map and Visualise RisksRisk and Governance2021Nov
Using Kubernetes to create a scalable Security Proxy solutionDevSecOps2020Oct
Using Teleport to Secure SSH and Kubernetes AccessDevSecOps2021Nov
Using VPC Flows to monitor EC2 TrafficDevSecOps2021Apr
Vendor Security Management using JiraGovernance2021Jun
Virtual PubMiscellenous2020Oct
Wardley Maps and services model at GlasswallWardley Maps2020Dec
What to do in preparation for a Threat ModelGovernance2021May
Workshop on creating C# Tools using the Owasp O2 Platform2021May
Yor:Automated IaC tag and traceDevSecOps2021Jun