Loading…
AppSec USA 2017 has ended
Simple
Expanded
Grid
By Venue
Baja [clear filter]
Tuesday, September 19
 

9:00am EDT

Whiteboard Hacking aka Hands-on Threat Modeling (1 of 2 days)

Toreon proposes a 2 day, trainer-led, on-site, Threat Modeling course. The training material and hands-on workshops with real live Use Cases are provided by Toreon. The students will be challenged to perform practical threat modeling in groups of 3 to 4 people covering the different stages of threat modeling on:

• A hotel booking web and mobile application, sharing the same REST backend

• An Internet of Things (IoT) deployment with an on premise gateway and secure update service

• An HR services OAuth scenario for mobile and web applications

 

This edition also introduces a new section on privacy threats and privacy by design, including a hands-on privacy impact assessment of a face recognition system in an airport. Each student will receive a hard copy of the book: Threat Modeling, designing for security by Adam Shostack (2014, Wiley)

 

This training is delivered successfully at OWASP Europe 2016 and is selected for OWASP Europe 2017 and Blackhat USA 2017. More details and the outline of the training are available in the attached syllabus.

 


Speakers
avatar for Steven Wierckx

Tuesday September 19, 2017 9:00am - 5:00pm EDT
Baja
  2-day training
 
Wednesday, September 20
 

9:00am EDT

Whiteboard Hacking aka Hands-on Threat Modeling (2 of 2 days)

Toreon proposes a 2 day, trainer-led, on-site, Threat Modeling course. The training material and hands-on workshops with real live Use Cases are provided by Toreon. The students will be challenged to perform practical threat modeling in groups of 3 to 4 people covering the different stages of threat modeling on:

• A hotel booking web and mobile application, sharing the same REST backend

• An Internet of Things (IoT) deployment with an on premise gateway and secure update service

• An HR services OAuth scenario for mobile and web applications

 

This edition also introduces a new section on privacy threats and privacy by design, including a hands-on privacy impact assessment of a face recognition system in an airport. Each student will receive a hard copy of the book: Threat Modeling, designing for security by Adam Shostack (2014, Wiley)

 

This training is delivered successfully at OWASP Europe 2016 and is selected for OWASP Europe 2017 and Blackhat USA 2017. More details and the outline of the training are available in the attached syllabus.

 

Speakers
avatar for Steven Wierckx

Wednesday September 20, 2017 9:00am - 5:00pm EDT
Baja
  2-day training
 
Filter sessions
Apply filters to sessions.
Tuesday, September 19
Wednesday, September 20
Thursday, September 21
Friday, September 22
Acapulco
Baja
Cancun
Coronado E
Coronado F
Coronado G
Coronado H
Coronado J
Coronado K
Coronado L
Coronado M&N
Coronado N&P
Coronado P&Q
Coronado Q&R
Durango 1
Durango 2
Epcot
Fiesta 10
Fiesta 6
Fiesta 7
Fiesta 8
Fiesta 9
Monterrey 2
North Registration
Veracruz B
Veracruz C
  • 1-day training
  • 2-day training
  • Activity
  • Breaker
  • Builder
  • Defender
  • Developer Summit
  • DevOpsSec
  • Exhibit
  • IOT/Mobile/Cloud
  • KeyNote
  • Members Lounge
  • Networking
  • Project Summit
  • Registration
  • Store
  • WASPY Awards
  • Popular