Remote Threat Modeling

When (day):
15:00 - 16:00
Zoom link will be available very soon

Session Video

About this session

Here is the chat we had in the session:

18:47:31	 From André Ferreira : Please share the link :)
18:47:52	 From James Bore :
18:48:14	 From André Ferreira : Thank you James
18:51:26	 From André Ferreira : Will nag you about a link on that game later, if that exists
18:52:00	 From Dinis Cruz :
18:52:04	 From André Ferreira : I wasn’t lucky, thanks
19:00:21	 From André Ferreira : STRIDE doesn’t relate to business impact, only technical.
19:00:28	 From André Ferreira : Hurray! My 50c
19:00:40	 From André Ferreira : From 2016
19:02:50	 From Garth Boyd :
19:04:15	 From André Ferreira : eheheh
19:04:17	 From André Ferreira : Thanks for that
19:05:00	 From Garth Boyd :
19:05:24	 From Garth Boyd : Online game
19:05:37	 From André Ferreira : A lot of information in this cards
19:07:39	 From James Bore :
19:09:12	 From Didar Gelici : If you are not in our slack :
19:15:07	 From André Ferreira : Is there any ISO or INT standard regarding the creation of a threat model that you guys know?
19:15:16	 From André Ferreira : The model itself
19:15:35	 From André Ferreira : Diagram, entry points, list of threats, countermeasures, etc
19:20:00	 From James Bore :
19:27:46	 From André Ferreira : Use cases And misuse and abuse cases
19:28:05	 From André Ferreira : A business analysis could write those
19:38:57	 From JvdV : Really interesting discussion. Sorry I couldn’t be more involved (family demands) and sadly I need to run now - thanks, Jasper
19:39:20	 From Didar Gelici : Thanks Jasper
19:39:35	 From André Ferreira : Following up on the standard, is there nothing guiding documentation as a result of the modelling?
19:43:13	 From James Bore : No standards there I'm aware of other than common practices.
19:43:46	 From James Bore : Anderson report:

19:54:03	 From André Ferreira : This document is probably one of the references used for ISO/IEC/IEEE 29148, would love to know the context of this
19:54:11	 From André Ferreira : * this being the Anderson report

Back to list of all Working Sessions