DAY 1, OCTOBER 18
14:00 - 14:45
ABOUT THE SPEAKER
Vitaly Davidoff has 15 + years’ experience as a developer and more than 7 years in application security. He is an Applications Security Expert at Citi Bank Innovations Lab TLV Israel. In this position he is responsible for providing Application Security solutions for many products including analyzing security risks to multidisciplinary systems according to the customers’ system characterization, review new technologies and solutions, defining required security controls to handle identified security threats, performing code and design reviews, threat modeling and etc. Vitaly hold CISSP and CSSLP Certifications.
Previous talks: https://www.devseccon.com/tel-aviv-2018/session/end-2-end-containers-ssdlc-process/
SPEECH: Lost in (DevSecOps) Space – practical approach for “Lightway” Threat Modeling as a Code
“Agile and Microservices created a reality where Threat Modeling becomes a bottleneck - heavily resource intensive, requires a full team of expensive security professionals, takes up far too much time, and does not scalable…”
In this session, we’ll review a real implementation of Lightway Threat Modeling automation using different tools. I’ll demonstrate how to transfer Threat Modeling process to code and will provide an end to end solution for create a robust Threat Modeling program and options to connect it to DevSecOps program inside a company.