DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Agile Threat Modeling the DevSecOps Way

Session
Until conference starts:
✓ 4 Day Special
✓ Team discount
✓ Extra specials for freelancers
Register now
Until conference starts:
✓ 4 Day Special
✓ Team discount
✓ Extra specials for freelancers
Register now
Until October 20:
✓ Save up to $233
✓ 4 Day Special
✓ Team discount
Register now
Until October 20:
✓ Save up to $233
✓ 4 Day Special
✓ Team discount
Register now
Until November 3
✓ Save up to 399€
✓ 4 Day Special
✓ Team discount
Register now
Bis 3. November
✓ Sparen Sie bis zu 399 €
✓ 4-Tages-Special
✓ Kollegenrabatt
Jetzt anmelden
Thank you for attending
We see us 2023
or in September in New York
Go to New York
Thank you for attending
We see us 2023
or in September in New York
Go to New York
Thank you for attending
We see us 2023
or in Munich in December 2022
Go to Munich
Danke für Ihre Teilnahme
Wir sehen uns 2023
oder im Dezember in München
Jetzt nach München
Infos

If we can build software in a reliable, reproducible and quick way at any time using Pipeline-as-Code and have also automated security scans as part of it, how can we quickly capture the risk landscape of agile projects to ensure we didn’t miss an important thing? Traditionally, this happens in workshops with lots of discussion and model work on the whiteboard with boxes, lines and clouds. It’s just a pity that it often stops then: Instead of a living model, a slowly but surely eroding artifact is created, while the agile project evolves at a faster pace. In order to counteract this process of decay, something has to be done continuously, something like "Threat-Model-as-Code" in the DevSecOps sense. See in this talk the ideas behind this approach: Agile developer-friendly threat modeling right from within the IDE using open-source tools. Models editable in developer IDEs and diffable in Git, which automatically derive risks including graphical diagram and report generation with recommended mitigation actions.

This Session originates from the archive of Diese Session stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the program of . Hier geht es zum aktuellen Programm von New York New York .

This Session originates from the archive of Diese Session stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the program of . Hier geht es zum aktuellen Programm von Singapore Singapur .

This Session originates from the archive of Diese Session stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the program of . Hier geht es zum aktuellen Programm von Munich München .

This Session originates from the archive of Diese Session stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the program of . Hier geht es zum aktuellen Programm von London London .

This Session originates from the archive of Diese Session stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the program of . Hier geht es zum aktuellen Programm von Berlin Berlin .

This Session Diese Session originates from the archive of stammt aus dem Archiv von New YorkNew York, MunichMünchen and  und LondonLondon . Take me to the current program of . Hier geht es zum aktuellen Programm von New York New York , Singapore Singapur , Munich München , London London or oder Berlin Berlin .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the road to DevOps

Live Demo #slideless

Showing how technology really works