Three levels of complexity: Threat Modeling of Containerized Application
Full Talk (40 Minutes)
Threat Modeling is a very powerful tool of Application Security. The session explains how we can optimize threat modeling and improve the process outcome; and how we can handle a new dimension in the model since the containers usage requires attention to additional aspects which can be easily overlooked. We'll start from the common principles of threat modelling, purpose and expectation from the process, and continue with different approaches, roles, and metrics we can apply to the process. We’ll deep dive into the new aspects inserted by containerization of applications for both legacy monolith and modern micro services architecture. I'll conclude with examples where proper threat modeling and mitigation of the risks reduces impact of vulnerabilities recently reported in Docker and Kubernetes.
Food & Swag Sponsors
Learn more about each of our Event Sponsors.