- NULLCON Webinars
- Rapid Threat Model Prototyping; threat modeling for Agile and DevOps
Speaker Name: Geoffrey Hill
Title: Rapid Threat Model Prototyping; threat modeling for Agile and DevOps
Date: 16th October 2020
Time: 4:00 pm IST
This course will introduce Rapid Threat Model Prototyping (RTMP), for quickly analyzing software designs at the beginning of each Agile increment and before each Agile sprint. RTMP integrates attack kill-chain, defense-in-depth, security frameworks (STRIDE, OWASP Top 10), Agile architecture, and software prototyping. This methodology is optimized for Agile and DevOps activities.
Geoff is the founder of Tutamantic Sec and the creator of the open-source Rapid Threat Model Prototyping methodology in addition to the Tutamen automated threat modelling SaaS product. He is current working as the head application security architect for a financial commodities firm in London.
He built up his work experience initially by building Wall Street trading platforms including a fair-value options pricing suite that sold results daily on the New York Commodities Exchange.
As a global technology leader he has nearly 3 decades of software design, development and security in cities around the world. This includes 8 years at Microsoft, working both as a developer/consultant and as an application security specialist. During this time he created an Agile-focussed Security Engineering process. He also developed threat model theories with the help of one of the leading threat model experts, Adam Shostack.
Geoff has provided security consultancy at Cigital, Bank of England, Sony Mobile, Visa and a number of European banks where he was the main provider of threat modelling and application security knowledge. He has also delivered security training through JB International (a global IT training company) for a number of internationally recognised companies, including the BBC.
He is active on Twitter and LinkedIn. You can contact him via @Tutamantic_Sec on Twitter.