DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Agile Threat Modeling the DevSecOps Way

Session

Until conference starts:
✓ Team discounts
✓ All inclusive 4-Day Passes available

Register Now

Until conference starts:
✓ Team discounts
✓ All inclusive 4-Day Passes available

Register Now

Until May 20:
✓ Save up to € 268
✓ Team discount
✓ Specials for freelancers
Register now
Bis 20. Mai:
✓ Bis zu 268 € sparen
✓ Kollegenrabatt
✓ Specials for freelancers
Jetzt anmelden
Until June 17:
✓ Transformation Day for free
✓ Save up to $500
✓ Group discount
Register now
Until June 17:
✓ Transformation Day for free
✓ Save up to $500
✓ Group discount
Register now
Until July 2:
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $330
Register now
Until July 2:
✓ Raspberry Pi or C64 Mini for free
✓ Save up to $330
Register now
Thank you for joining!


Register now
Vielen Dank für Ihre Teilnahme!


Jetzt anmelden
Infos
Thursday, April 22 2021
12:15 - 13:00
Infos
Tuesday, December 1 2020
14:45 - 15:30
Room:
Studio 3

If we can build software in a reliable, reproducible and quick way at any time using Pipeline-as-Code and have also automated security scans as part of it, how can we quickly capture the risk landscape of agile projects to ensure we didn’t miss anything important? Traditionally, this happens in workshops with lots of discussion and model work on the whiteboard with boxes, lines, and clouds. It’s just a pity that it often stops there: Instead of a living model, a slowly but surely eroding artifact is created, while the agile project evolves at a faster pace. In order to counteract this process of decay, something has to be done continuously, something like “Threat-Model-as-Code” in the DevSecOps sense. See in this talk the ideas behind this approach: Agile developer-friendly threat modeling right from within the IDE using open-source tools. Models editable in developer IDEs and diffable in Git, which automatically derive risks including graphical diagrams and report generation with recommended mitigation actions.

Take me to the full program of Zum vollständigen Programm von London London .

Take me to the full program of Zum vollständigen Programm von Berlin Berlin .

This Session belongs to the Diese Session gehört zum Programm vom LondonLondon, BerlinBerlin and  und MunichMünchen program. Take me to the program of . Hier geht es zum Programm von New York New York .

This Session belongs to the Diese Session gehört zum Programm vom LondonLondon, BerlinBerlin and  und MunichMünchen program. Take me to the program of . Hier geht es zum Programm von Singapore Singapur .

Take me to the full program of Zum vollständigen Programm von Munich München .

This Session Diese Session belongs to the gehört zum Programm von LondonLondon, BerlinBerlin and  und MunichMünchen program. Take me to the current program of . Hier geht es zum aktuellen Programm von London London , Berlin Berlin , New York New York , Singapore Singapur or oder Munich München .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the road to DevOps

Live Demo #slideless

Showing how technology really works