ThreatModCon returns to San Francisco after last year's inaugural success. Immerse yourself in the threat modeling world with experts and like-minded people.

September 27-28, 2024

New to ThreatModCon?

Watch highlights from our last event in Lisbon and get a taste of ThreatModCon.

Agenda

Friday

Spetember 27

Time
Session
Speaker
Stage
Type
6:00pm
Welcome Reception
Networking

Saturday

September 28

Click on a session name to find out more...

Time
Session
Speaker
Stage
Type
8:00am
Registration & Coffee
9:00am
Brook Shoenfield
Stage 1
9:05am
Matthew Coles
Adam Shostack
Caroline Wong
Izar Tarandach
Stage 1
Un-keynote keynote
10:35am
Coffee Break
12:25pm
Lunch: Birds of a Feather Discussion
3:30pm
Coffee Break
4:20pm
Brook Shoenfield
Stage 1

Speakers

Gain invaluable insights from top industry experts, seasoned practitioners, and thought leaders in threat modeling across technology, security consulting, academia, and beyond. Explore cutting-edge trends, delve into real-world case studies, and discover how these experts have empowered organizations to advance their threat modeling capabilities.

John Krautheim
Principal Engineer, Broadcom

John Krautheim has over 30 years experience in cyber security and engineering. He has a PhD in Computer Engineering and has taught cyber security at Augusta University and Naval Postgraduate School. John currently leads threat modeling and penetration testing at Broadcom Mainframe Software.

Larry England
Distinguished Software Engineer, Broadcom

Larry England is a Distinguished Software Engineer having experience in a wide range of technical areas including large-scale systems (z/OS), language runtimes, application development tools, database management systems, text search and retrieval, security, and operating systems.

Joern Freydank
Principal Product Security Engineer, Splunk

Principal Product Security Engineer and Security Architect with more than 20+ years of experience, OWASP Conference Speaker and security podcast participant covering topics of Threat Modeling and Security Design Patterns. Currently working at Splunk securing the Company's Products and Services.

Ron E. Thompson
PhD Candidate, Tufts Security & Privacy Lab

Ron is a doctoral student with Tufts Security & Privacy Lab, where he focuses on threat modeling and vulnerability management for medical systems.

Jason Nelson
Principal Consultant & Owner, Necessary Security LLC

Jason Nelson works in the Financial Industry currently and has over 20 years of security industry experiences. He has worked in multiple countries and across several industries. He has built teams for threat modeling programs that have taken the journey from new to highly mature and globally scaled.

Cristiano Corradini
Manager, Security Engineering, AWS

A top-performing technical leader with extensive experience in delivering threat modeling both as a consultant and in-house. Formerly the Threat Modeling Practice Lead at NCC Group, responsible for technical delivery, service line expansion, training, and business development.

Léandre Forget-Besnard
Team Lead, AppSec & Threat Modeling, Desjardins

Léandre Forget-Besnard is a security engineer and team lead specializing in offensive security ( pentesting and red teaming). Over the past six years, Léandre has integrated threat modeling into offensive practices, enhancing security assessments.

Jamil Ahmed, Ph.D
Sr. AppSec Engineer, Fortis Games

"Jamil Ahmed holds a PhD in Computer Science from Western University, London, ON in 2014 with years of experience in Threat Modeling. Most recently, he works as a Senior Application Security Engineer at Fortis Games. He also holds CSSLP from ISC2. "

Brenna Leath
Software Security Principal, Navy Federal Credit Union

Brenna Leath is a Software Security Principal based in Raleigh, NC. As a former Head of Product Security and practitioner, Brenna has implemented scalable solutions for enterprise challenges including security champions, vulnerability management, software supply chain security, and threat modeling.

Zoe Braitermen
Chief Information Officer, Mutual Knowledge Systems

Zoe Braiterman is an information security consultant and researcher. She is passionate about open source. Her contributions include involvement with OWASP and co-authoring the Threat Modeling Manifesto.

Izar Tarandach
Sr. Principal Security Architect, SiriusXM

Izar is a Sr Pr Sec Architect at SXM. He held security-related positions at DDOG, SQSP, and many others. Author and presenter,co-author of "Threat Modeling: A Practical Guide for Development Teams" by O'Reilly, member of the Threat Modeling Manifesto Group, and maintainer of the OWASP pytm tool.

Audrey Long
Sr. Security Software Engineer, Microsoft

Audrey Long is a Senior Security Software Engineer at Microsoft, holding a Master of Science degree in Cybersecurity from John Hopkins University. Her expertise includes creating coding solutions, performing threat modeling activities, and creating secure architecture.

Matthew Coles
Sr. Principal Product Security Engineer, Dell Technologies

Matt is an experienced security architect and security program leader. He has deep expertise across the product lifecycle enabling security, privacy, and safety of complex systems with practices such as threat modeling and architecture analysis, code analysis, security testing, secure supply chain and manufacturing, and vulnerability and incident response.

Caroline Wong
CSO, Cobalt

Caroline Wong is the Chief Strategy Officer at Cobalt. She has 15+ years of cybersecurity leadership, including practitioner, product, and consulting roles. Caroline authored the popular textbook, Security Metrics: A Beginner's Guide. She teachers cybersecurity courses on LinkedIn Learning and hosts the Humans of InfoSec podcast.

Adam Shostack
President, Shostack Associates

Adam is the author of Threat Modeling: Designing for Security, and Threats: What Every Engineer Should Learn from Star Wars, and the first recipient of the Adam Shostack Award for Threat Modeling.

Laurent Bouchard
Offensive Security Threat Modeler, Desjardins

Laurent Bouchard is an Offensive Security Threat Modeler at Desjardins. He likes to explore how and why systems works the way they do and has been spending the last few years doing so with computer systems.

You reached the bottom of the page...

... You must be interested in ThreatModCon!

Book your place before they're all gone.