Presentations from the foreseeti June Tech Meetup Webinar
On the 4 of June 2020 foreseeti and AWS held a very appreciated webinar about “Threat modeling – a game-changer for organizations”. Here are the presentations and films from the webinar.
Fully automated security assessments in AWS architectures
How to manage and deploy automated security assessments at scale in AWS architectures.
∙ The role of Automated Threat Modeling and Attack Simulations in AWS
∙ What are the key challenges addressed, and wins with automated security assessments?
∙ How does it work in practice?
∙ How can teams collaborate and work together for the best result?
Paul Ahlgren, Regional Leader, Security & Compliance Business Acceleration, Nordics & Baltics, Amazon Web Services (AWS)
Erik Ringdahl, Product Director, foreseeti
Application threat modeling, a banking application example
Public facing applications are often used as entry points for intrusions and malicious activity. But what opportunities an attacker is offered once the foothold is achieved depends on the internal structure of the systems and services of the application.
∙ How to create a threat model based on the different parts of an application and how they interact
∙ How securiCAD will present expected attacker operations
∙ How attack simulations can visualize security gaps
∙ Using the banking application example as a threat modeling template
Speaker: Joar Jacobsson, IT Security Consultant & Tutor, foreseeti
Why threat modelling is a game-changer for organizations
It remains accepted that asset management is the crucial foundation for any security program. You can’t protect what you don’t know you have. However, it remains an Achilles heel for many organizations to understand not only their assets and associated infrastructure in a static model, but increasingly every organization is going through a level of digital transformation. Organizations now have more complex and integrated networks than ever before, added to which is added partial network and point solution security coverage. Complexity is the enemy of security, and innovative technologies such as threat modelling can significantly help organizations lessen the noise and provide clarity of risk across their infrastructure. They are also able to model different architectural security designs that can support gaps in the security network and support business case investment.
∙ How threat modelling can support many of the key challenges facing security teams
∙ How to use automated threat modelling to support DevSecOps and continuous risk management and help mitigate these challenges
Mo Ahddoud, Interim CISO & Cyber Security Consultant, MA Consulting LTD