TestBash Revisited - Threat Modelling: How Software Survives in a Hacker’s Universe - Saskia Coplans

22nd June 2022
  • Locked
Saskia Coplans's profile
Saskia Coplans

Founder and Security Consultant

TestBash Revisited - Threat Modelling: How Software Survives in a Hacker’s Universe - Saskia Coplans image
Like Bookmark
Talk Description

In this session, we will be revisiting Saskia Coplan's talk from TestBash Manchester 2019. Saskia will join us on the main stage for a chat whilst we watch the talk and discuss what was said back in 2019 and what could have changed since then.

This is the story of how a client lost millions due to a costly oversight that allowed attackers to exploit a devastating vulnerability. Although the client was aware that this weakness existed when the final product was launched, it would have been too expensive to fix and would have required them to miss critical deadlines.

In this talk, we'll discuss how with version 2, we helped our client by starting with some threat modelling techniques in order to understand; which assets an attacker would be after, what weaknesses existed in the design that would allow an attacker to access them, and what protections could be put in place to stop the same level of attack happening again.

By the end of this session, you'll be able to:

  • How we can use threat modelling to think like an attacker
  • How threat modelling can help us secure our applications and how software testers can integrate this technique into the testing process
  • Why thinking about security as early as possible is the safest option
Saskia Coplans
Saskia Coplans
Founder and Security Consultant
Saskia is the Cofounder and Director of Digital Interruption and REXScan, and is the Director of Innovation for Data Science, AI and Cyber and HOST Salford. Saskia has over ten years experience in information security and governance along with standards and policy development. She has worked across Europe and Central Asia for Governments, NGO’s, Regulators and the Private Sector and presents at events and conferences world wide. She sits on the Greater Manchester Cyber Advisory Group, the Board of OWASP Manchester and the Infosec Hoppers and is a Copresenter on the Greyhats Podcast. 
Suggested Content
Partner with MoT Today! image

Partner with MoT Today!

Reach the most active and respected software testing community
Explore MoT
Episode Eight: Exploring Quality Engineering image

Episode Eight: Exploring Quality Engineering

Land on the quality engineering planet!
MoT Foundation Certificate in Test Automation
MoT Foundation Certificate in Test Automation
Unlock the essential skills to transition into Test Automation through interactive, community-driven learning, backed by industry expertise
This Week in Testing
This Week in Testing
Debrief the week in Testing via a community radio show hosted by Simon Tomes and members of the community
Subscribe to our newsletter
We'll keep you up to date on all the testing trends.