Catch the recap
Relive the energy and key insights of the event.
Dive into the highlights and summary of each session.
Read the blog post.
Become a Sponsor
Join the ThreatModCon sponsor network to feature your brand with our community.
New to ThreatModCon?
Watch highlights from our last event in Lisbon and get a taste of ThreatModCon.
Agenda
Friday
Spetember 27
Saturday
September 28
Click on a session name to find out more...
Speakers
Gain invaluable insights from top industry experts, seasoned practitioners, and thought leaders in threat modeling across technology, security consulting, academia, and beyond. Explore cutting-edge trends, delve into real-world case studies, and discover how these experts have empowered organizations to advance their threat modeling capabilities.
Jonathan is from Montreal, Canada and is passionate about Application Security. He enjoys architecture analysis, code review, threat modeling and debunking security tools. Jonathan holds a bachelor's degree in Software Engineering and has 20 years of experience in IT and Security.
John Krautheim has over 30 years experience in cyber security and engineering. He has a PhD in Computer Engineering and has taught cyber security at Augusta University and Naval Postgraduate School. John currently leads threat modeling and penetration testing at Broadcom Mainframe Software.
Larry England is a Distinguished Software Engineer having experience in a wide range of technical areas including large-scale systems (z/OS), language runtimes, application development tools, database management systems, text search and retrieval, security, and operating systems.
Principal Product Security Engineer and Security Architect with more than 20+ years of experience, OWASP Conference Speaker and security podcast participant covering topics of Threat Modeling and Security Design Patterns. Currently working at Splunk securing the Company's Products and Services.
Ron is a doctoral student with Tufts Security & Privacy Lab, where he focuses on threat modeling and vulnerability management for medical systems.
Jason Nelson works in the Financial Industry currently and has over 20 years of security industry experiences. He has worked in multiple countries and across several industries. He has built teams for threat modeling programs that have taken the journey from new to highly mature and globally scaled.
A top-performing technical leader with extensive experience in delivering threat modeling both as a consultant and in-house. Formerly the Threat Modeling Practice Lead at NCC Group, responsible for technical delivery, service line expansion, training, and business development.
Léandre Forget-Besnard is a security engineer and team lead specializing in offensive security ( pentesting and red teaming). Over the past six years, Léandre has integrated threat modeling into offensive practices, enhancing security assessments.
"Jamil Ahmed holds a PhD in Computer Science from Western University, London, ON in 2014 with years of experience in Threat Modeling. Most recently, he works as a Senior Application Security Engineer at Fortis Games. He also holds CSSLP from ISC2. "
Brenna Leath is a Software Security Principal based in Raleigh, NC. As a former Head of Product Security and practitioner, Brenna has implemented scalable solutions for enterprise challenges including security champions, vulnerability management, software supply chain security, and threat modeling.
Zoe Braiterman is an information security consultant and researcher. She is passionate about open source. Her contributions include involvement with OWASP and co-authoring the Threat Modeling Manifesto.
Izar is a Sr Pr Sec Architect at SXM. He held security-related positions at DDOG, SQSP, and many others. Author and presenter,co-author of "Threat Modeling: A Practical Guide for Development Teams" by O'Reilly, member of the Threat Modeling Manifesto Group, and maintainer of the OWASP pytm tool.
Audrey Long is a Senior Security Software Engineer at Microsoft, holding a Master of Science degree in Cybersecurity from John Hopkins University. Her expertise includes creating coding solutions, performing threat modeling activities, and creating secure architecture.
Matt is an experienced security architect and security program leader. He has deep expertise across the product lifecycle enabling security, privacy, and safety of complex systems with practices such as threat modeling and architecture analysis, code analysis, security testing, secure supply chain and manufacturing, and vulnerability and incident response.
Caroline Wong is the Chief Strategy Officer at Cobalt. She has 15+ years of cybersecurity leadership, including practitioner, product, and consulting roles. Caroline authored the popular textbook, Security Metrics: A Beginner's Guide. She teachers cybersecurity courses on LinkedIn Learning and hosts the Humans of InfoSec podcast.
Brook is the Author of Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015), co-author of Building In Security At Agile Speed (Auerbach, 2021) and contributing author to Core Software Security (CRC Press, 2014). Brook is a passionate security architect with decades of technical leadership experience. He currently provides security architecture leadership for three security consultancies, as well as being an advisor to True Positives, LLC and Resilient Software Security, LLC. providing both technical leadership and strategy to the consultancies as well as contributing to our clients’ holistic software security programmes and secure design/threat modeling efforts.
Robert Hurlbut is a Principal Application Security Architect and Threat Modeling Lead, Aquia. Robert is co-author of the Threat Modeling Manifesto, Threat Modeling Capabilities Model, and co-host of the Application Security Podcast.
Adam is the author of Threat Modeling: Designing for Security, and Threats: What Every Engineer Should Learn from Star Wars, and the first recipient of the Adam Shostack Award for Threat Modeling.
Laurent Bouchard is an Offensive Security Threat Modeler at Desjardins. He likes to explore how and why systems works the way they do and has been spending the last few years doing so with computer systems.