Kate Broussard to Present at Day of Shecurity San Francisco

Date & Time: Friday, October 11, 2019, 1-3pm, Session# DoSSTT007
Location: Federal Reserve Bank of San Francisco - 101 Market St, San Francisco, CA 94105
Speaker: Kate Broussard

Bishop Fox's Kate Broussard will be conducting her two-hour workshop "Build A Better Threat Model" at Day of Shecurity San Francisco on October 11th. Read the abstract below.

Threat modeling is often approached from a large-scale perspective – what could attackers do to a whole organization? How could they get in? That approach involves algorithms and comprehensive perimeter scans, and it requires a team to accomplish it all within a reasonable timeframe.

But sometimes in pen testing, it’s just you versus an application. In those situations, you don’t have the luxury of being a human scanner, applying every payload to every input to see what sticks. You aren’t working at the same scale as a full perimeter model, and you don’t need to. 

Lucky for you, threat modeling can be approached from a more functional side – instead of trying to capture every possible attack vector that might exist in every application to build your methodology, you can take a step back and think about the central actions of an application – Does it handle financial transactions? Does it store personal information? Is it closely linked to other applications with highly sensitive content?

This workshop will help you understand functional threat modeling and how to apply it to any application. Through this method, you can organize your plan of attack, confirm the focus and scope of testing with the client, and you’ll know what DONE looks like in a pen test. This strategy customizes each engagement while also giving you a repeatable methodology to return to with every new application. 

Come remodel your sense of threat modeling so you can approach every pen test with confidence and a plan. 

Topics:Speaking Engagements

Comments

Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com

More...

Subscribe to Updates