TestBash Revisited - Threat Modelling: How Software Survives in a Hacker’s Universe - Saskia Coplans

In this session, we will be revisiting Saskia Coplans' talk from TestBash Manchester 2019. Saskia will join us on the main stage for a chat whilst we watch the talk and discuss what was said back in 2019 and what could have changed since then.

This is the story of how a client lost millions due to a costly oversight that allowed attackers to exploit a devastating vulnerability. Although the client was aware that this weakness existed when the final product was launched, it would have been too expensive to fix and would have required them to miss critical deadlines.

In this talk, we'll discuss how, with version 2, we helped our client by starting with some threat modelling techniques to understand which assets an attacker would be after, what weaknesses existed in the design that would allow an attacker to access them, and what protections could be put in place to stop the same level of attack happening again.

