Attack Trees - A different approach to doing security

Track

Metodologije i alati

Datum i vrijeme

srijeda, 09. svibanj 2018., 11:20

Dvorana

Dvorana C

Trajanje

30'

“Is our system secure?” No, it’s not. There’s no absolutely secure system. Apps get broken all the time, often in ways its designers never even imagined. Attacks thought to be beyond the ability of mortal men yesterday become common thing today. So the term "security" doesn't have any real meaning unless we can answer questions like "Secure from whom?" or "Secure for how long?"But in order to answer all these questions, we need an efficient and understandable way to model threats against our system. Enter attack trees.Attack trees provide us with a new way of understanding how our system might be attacked and how to prioritise security measures to be implemented. It also makes it easy for product managers and technical people to have a conversation about the prioritisation of security features, and to understand whether a new feature will affect the security of the system. Finally, attack trees are designed to ensure that the whole team has visibility and even ownership of the security process for the product..In this session we’ll learn how to approach our system in a new way, how to think like an attacker, how to document, evaluate and rate the threats, and how to communicate them effectively to the whole team.

Detalji o predavanju

Vrsta: Predavanje
Razina težine: Općenito
Poželjno iskustvo slušatelja: Bez iskustva (1 g. i manje)
Poželjna funkcija slušatelja: Sve
Grupa aktivnosti: Metodologije i alati

O predavaču

Organizatori

Konferenciju organiziraju Hrvatska udruga Oracle korisnika i Hrvatska udruga Java korisnika. 

Prati nas na Facebooku

Novosti, fotografije i zanimljivosti objavljujemo na službenoj Facebook stranici JavaCro konferencije.

Prati nas na Twitteru

Sve novosti i zanimljivosti vezane uz JavaCro objavljujemo i na Twitteru!

Glavni pokrovitelj

Pokrovitelji

Medijski pokrovitelji