The Automation Illusion? What Machines Can’t Do in Threat Modeling
November 8, 2025
10:40AM
Beverly Snow
About this session
Threat modeling is crucial yet slow for modern development. This talk explores blending AI automation—diagram parsing, template modeling, risk scoring—with human expertise through scoping, threat identification, risk analysis, and mitigation. We’ll review tools and use cases (auto-generated models, NLP analysis, AI suggestions), discuss limitations (hallucinations, bias, accountability), and present a roadmap to integrate automation ethically without losing essential human insight.
About the speaker
Sebastien Deleersnyder, CTO Toreon, has a deep cybersecurity background. He has trained many developers in secure coding practices, started OWASP Belgium, contributed significantly to projects like SAMM. Now, he's focusing on integrating AppSec into DevOps and expanding the reach of threat modeling.
.png){kind=logo}
