Describe different ways of implementing TM in agile organisations

Track: Threat Model
When: Wed AM-1
Organizers Steven Wierckx Steven Wierckx

WHY

Many organisations are struggling to fit threat modeling to their agile way of working.

What

We will describe one of more ways to implement the different building blocks of threat modeling in the different actions of SCRUM and Kanban. What “deliverables” make sense in agile? For example, when during the SCRUM process would you update the model of what’s being worked on? When do you discover new threats? Who will perform what actions to get all of this done?

Outcomes

Describe a typical SCRUM and Kanban process and show where threat model related building blocks fit. Describe why the specific action is done during that specific phase of the agile methodology.

References

https://owaspsummit.org/Working-Sessions/Threat-Model/Lightweight-Threat-Modeling-Process.html

Register as participant

To register as participant add Describe different ways of implementing TM in agile organisations to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page


Back to list of all Working Sessions