Let’s Go Threat Modelling
13th January 2023
-
Locked
Richard Adams
Senior Quality Engineer
Talk Description
I will share how I introduced threat modelling to my team and how it is being used within my company.
Within the talk people will hear the basic theory of threat modelling and also look at how we ran sessions, handle the vulnerabilities found and how I convinced people to try it - using my Threat Agents card game.
Finally, I will make the case that not only is threat modelling for everyone on your team but as testers, we can be ideal people to get involved.
What you’ll learn
By the end of this talk, you'll be able to:
- A basic understanding of threat modelling
- An idea of what threat modelling might be like "in real life"
- The knowledge that it is something they can do and not just for security experts
Richard Adams
Senior Quality Engineer
After my first full time job as a games tester, I've had a varied career from Gameplay Systems Designer to Software Engineer for security systems with a couple of roles in between. I've since returned to testing as I have a huge passion for testing and just love finding bugs!
As well as being a Senior Test Engineer, I am also a Cyber Champion within my organisation. This means that I help drive good security practices and in particular I love getting the team involved in threat modelling. I also get free training on all things security!
Out of work I love gaming and carrying on my interest in threat modelling, I have also created a card game called Threat Agents.
Suggested Content
The 3rd episode of The Testing Planet, The Toolsmith will be all about, yes you guessed it: tools 😉
Explore MoT
Learn the main concepts of exploratory testing and how it differentiates from other established approaches
Unlock the essential skills to transition into Test Automation through interactive, community-driven learning, backed by industry expertise
Topics
Tags
-
security
-
testbash-uk
