%20Dark%20(1).png)
Threat modeling journeys: from 0-1, from good to great.
Join us for two action-packed days of practitioner-led talks, peer discussions and networking.
Call for Papers open now!
This year’s theme is Threat Modeling Journeys.
We’re inviting stories of how you started, scaled, or sharpened your threat modeling practices.
Submission deadline: August 8, 2025
- Share your voice in a global community
- Engage with a passionate, practitioner-led audience
- Get professional development support and speaker mentoring
- Join a growing movement advancing threat modeling and secure-by-design practices
.jpg)
As a practice-oriented conference, we welcome proposals that explore real-world experience, hands-on techniques, and community-proof across all maturity levels.
- 30-minute presentation
- 70-minute interactive workshops
- 70-minute threat modeling game session
- New: 5-minute threat modeling story/mini case-study (for the un-keynote)*
- New: Poster sessions **
The Un-Keynote is back—a community-led session featuring five-minute flashbacks from real threat modeling journeys. Share a defining moment: how you got started, a tough lesson, a breakthrough, or what you’d do differently if starting today. These bite-sized stories highlight the human side of threat modeling and inspire others through honest, relatable experiences.
.jpg)
New this year, poster sessions offer a visual, conversational way to share your work. Great for early-stage ideas, research, or prototypes, this format lets you engage one-on-one with attendees and spark informal, thoughtful discussions.
Topics you could cover...
First-time conference speakers? We’ve got you!
All accepted speakers will be paired with a mentor through our well-received Speaker Mentorship Program. Mentors are experienced threat modeling professionals and seasoned speakers who will support you with feedback, preparation tips, and coaching to help you succeed.
Interested in being a sponsor?
Connect with potential clients and build your community at the world’s only conference dedicated to threat modeling and secure by design.
Speakers
Gain invaluable insights from top industry experts, seasoned practitioners, and thought leaders in threat modeling across technology, security consulting, academia, and beyond. Explore cutting-edge trends, delve into real-world case studies, and discover how these experts have empowered organizations to advance their threat modeling capabilities.
Dinis Cruz is the Chief Scientist of Glasswall and the founder of The Cyber Boardroom startup, who brings a unique blend of Security and Engineering expertise with 20+ years experience in Cyber Security and Software Development. Dinis is focused on creating Gen AI powered teams and environments where engineering and security are enablers and accelerators for the business, with a big focus on the productisation and commercialisation of advanced technologies.
Jim Manico is the Founder of Manicode Security, a company dedicated to providing expert training in secure coding and security engineering to software developers. In addition to leading Manicode, Jim is actively involved in the tech startup ecosystem as an investor and advisor. Jim is committed to giving back to the community through his volunteer work with the OWASP foundation. He co-leads projects such as the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series.
Isabel Barberá is the author of PLOT4ai. She is also one of the members of ENISA Working Group on Data Protection Engineering and a National Expert at ISO/CEN/CENELEC working on the development of standards related to AI and privacy engineering.
Sebastien Deleersnyder, CTO and co-founder of Toreon, has a deep cybersecurity background. He has trained many developers in secure coding practices, founded the Belgian OWASP chapter, and contributed significantly to OWASP projects like SAMM. Now, he’s focusing on integrating application security into DevOps and expanding the reach of threat modeling.
AviD is a prominent security architect and developer, with decades of experience building secure products and protecting complex systems. He has been designing, developing, and testing secure applications for over 20 years, and is obsessed with maximizing value output from security efforts, threat modeling in particular.
Karim is a seasoned and renowned thought leader within cloud security. At O3 Cyber, he conducts research and development and works with our clients, primarily in Financial Industry. Karim has a background in building and operating platform services for security on private and public clouds, developing and executing a cyber security strategy for the world’s largest sovereign wealth fund.
Stanley is the CEO and Cofounder of Katilyst, where he leads initiatives to build and enhance Security Champion programs. An avid MMORPG player since 1999, Stanley leverages his gaming experiences to apply effective gamification techniques in professional settings.
Kelly Kaoudis is a senior security engineer in the Research practice at Trail of Bits. She is a tech lead for threat modelling engagements, and contributes to Trail’s academic and industry research projects including open source parser and file formats analysis tooling.
Dr Anthony Phipps is a member of the cyber research centre at London Metropolitan University, conducting research into audio based cyber security applications. He is also currently a Lead Design for Lloyds Banking Group, managing a team of security design consultants.
Developer & Security Engineer at Kantega SSO, engineering digital identity standards for secure authentication to the Atlassian ecosystem while facilitating and promoting secure software development practices. Creator of threat modeling game Elevation of MLsec.
Håkon has extensive knowledge on implementing secure software development practices for modern teams, designing and implementing cloud security architectures, and securely operating cloud infrastructure. Håkon is a Partner at O3 Cyber, a high-end cyber security advisory for securing the cloud.
Rob van der Veer has over 33 years of experience in AI and security, from hacker to CEO. He open sourced international standardization of AI security by establishing the OWASP AI Exchange flagship project, feeding right into the AI Act and ISO standards.
Dimitri Van Landuyt is Associate Professor in Information Systems Engineering in the Faculty of Economics and Business (FEB) of KU Leuven. Current research focuses on evaluating security and privacy threat modeling methods and tools, and addressing technical, economic risk and legal risk.
Kim Wuyts is a leading privacy engineering expert with over 15 years of experience in security and privacy. Before joining PwC as Manager Cyber & Privacy, Kim was a senior researcher at KU Leuven where she led the development and extension of LINDDUN, a popular privacy threat modeling framework. Her mission is to raise privacy awareness and get organizations to embrace privacy engineering best practices.
.png){kind=logo}
