1010, 2025

DeepSec 2025 Talk: Securing the Death Star: Threat Modeling in a Galaxy Far, Far Away…. – Coen Goedegebure

Sanna/ October 10, 2025/ Conference/ 0 comments

The Galactic Empire is on the verge of releasing its biggest, most valuable and most important asset: the Death Star. You, the newly appointed Chief Imperial Security Officer, are responsible for improving its security posture. The previous CISO was “let go” and now it’s your job to clean up their mess. Your boss, Darth Vader, is breathing heavily down your neck. He is not amused with the project already over budget in both resources and time, and security will only add to that. His unconventional yet persuasive leadership style convinces you to make this your top-most priority. How will you approach the massive task of securing the Death Star? This presentation will tell an untold story in the Star Wars universe in which the Death Star’s threats and mitigations were identified and prioritised before

Read More

0408, 2025

DeepSec 2025 Training: Becoming the Godfather of Threat Modeling – Mike van der Bijl

Sanna/ August 4, 2025/ Conference/ 0 comments

In the world of cybersecurity, there is always a threat lurking. Waiting in the shadows for the perfect moment to strike. You can sit back and relax and hope for the best and react when it’s too late… or before they even think about making a move, you can take control and see everything coming from miles away. In this session, you’ll dive deep into the art of threat modeling—an essential skill that allows you to anticipate risks, identify vulnerabilities, and develop a proactive defense strategy. Mike will guide you through the process and show you why threat modeling is an offer you simply can’t refuse. You’ll learn how to analyze threats with precision, build effective threat scenarios and develop a mindset that stays one step ahead of the attackers. Ultimately, you won’t only

Read More

0411, 2019

DeepSec 2019 Talk: Lost in (DevOps) Space – Practical Approach for “Lightway” Threat Modeling as a Code – Vitaly Davidoff

Sanna/ November 4, 2019/ Conference, Development

Threat Modeling is a main method to identify potential security weaknesses, and is an important part of any secure design. Threat Modeling provides a model to analyze how to best protect your assets, prevent attacks, harden your systems, and efficiently prioritize security investment. Regardless of programming language, Threat Modeling provides a far greater return than most other security techniques in the software development life cycle (SDLC) process. Therefore, Threat Modeling should be an early priority in application design process. Unfortunately, it is common knowledge that building a full threat model is always heavily resource intensive, requires a full team of expensive security professionals, takes up far too much time, and is not scalable. This talk will describe modern Threat Modeling methodology and practices that can be fully incorporated into your existing agile process. We

Read More