Threat Modeling Volcanoes: Patterns of Expandable Systems

September 28, 2024
11:10am
Seacliff A/B
Expert Talk

About this session

Dynamic external systems, such as vendor systems that evolve through add-ons and plug-ins while frequently interacting with internal systems, present unique challenges for threat modeling. Traditionally, these complex systems were viewed as ‘black boxes’ and were often excluded from threat models. However, their expandability and integration with custom internal systems now require detailed threat modeling.

This presentation explores practices for modeling these complex integrations. Attendees will gain valuable insights into effective patterns and methodologies, learn about the associated threats, and discover practical examples and mitigation techniques for these specialized systems.

Speaker

Speakers

Joern Freydank
Principal Product Security Engineer, Splunk