DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Agile Threat Modeling the DevSecOps Way

Session

EARLY BIRD
Until July 30:
✓ Team discounts
✓ Save £145

Register Now

EARLY BIRD
Until July 30:
✓ Team discounts
✓ Save £145

Register Now

Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until March 5:
✓ Transformation Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over 850 €
Register now
Bis 5. März:
✓ Transformation Day for free
✓ Raspberry Pi oder C64 Mini for free
✓ Über 850 € sparen
Jetzt anmelden
Until December 12:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until December 12:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $690
Register now
Until Conference starts:
✓ Group Discount
✓ Freelancer Special
Register now
Bis 31. Oktober
✓ Kollegenrabatt
✓ Bis zu 375 € sparen
Jetzt anmelden

After the challenge of integrating security into DevOps was tackled with DevSecOps, the next integration problem is just around the corner: Threat Modeling!If we can build software reliably, reproducibly and quickly at any time using pipeline-as-code and have also automated security scans as part of it, how can we quickly capture the risk landscape of projects?Actually, this happens in workshops with lots of discussion and model work on the whiteboard with boxes, lines and clouds. These events are very useful and important, because only with this depth some threats in an architecture can be detected in time. It’s just a pity that it usually stops then: Instead of a living documentation, a slowly but surely eroding artifact is created.In order to counteract this process of decay, something has to be done continuously, something like "Threat-Model-as-Code" in the DevSecOps sense. See in this talk the ideas behind this approach: Agile developer-friendly threat modeling – in true style with a live demo of a freely available tool.Result? Models editable in developer IDEs and diffable in Git, automatically derived risks including graphical diagram and report generation with recommended actions. The architecture is changing? A new run and you have the current risk view…

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York and  und BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Online Edition Online Edition .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York and  und BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von London London .

Take me to the full program of Zum vollständigen Programm von New York New York .

Take me to the full program of Zum vollständigen Programm von Berlin Berlin .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York and  und BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Singapore Singapur .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York and  und BerlinBerlin program. Take me to the program of . Hier geht es zum Programm von Munich München .

This Session Diese Session belongs to the gehört zum Programm von New YorkNew York and  und BerlinBerlin program. Take me to the current program of . Hier geht es zum aktuellen Programm von Online Edition Online Edition , London London , New York New York , Berlin Berlin , Singapore Singapur or oder Munich München .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the way towards DevOps

Live Demo #slideless

Showing how technology really works