Threat modeling anticipates weaknesses in software that an attacker could exploit, allowing teams to implement defensive countermeasures during the software development process. But manual threat modeling is time-consuming, inconsistent, and does not scale, leaving most applications unprotected.

 

Software development and application security teams also struggle to understand and demonstrate compliance with both existing secure software development standards, such as the Payment Card Industry Software Security Framework (PCI-SSF) and the Cloud Controls Matrix (CCM) developed by the Cloud Security Alliance (CSA), as well as emerging standards related to Executive Order 14028, “Improving the Nation’s Cybersecurity,” such as NIST 800-218, The Secure Software Development Framework (SSDF).

 

During this live event:

 

• Learn how to take a developer-centric approach to threat modeling that can reduce software threat modeling time from days or weeks to minutes.
• See how to quickly translate threat models into practical, developer-centric countermeasures developers can quickly implement.
• Discover how developers can quickly demonstrate compliance with existing and emerging standards.
• View examples of how to make complex threat, countermeasure, and compliance data accessible for both software development and application security teams so they can track the state of their software security program in real-time.