HOPE X (2014): "Threat Modeling and Security Test Planning" (Download)
Saturday, July 19, 2014: 11:00 am (Olson): How do I figure out if the application I've designed is secure? What do I need to test? When do I need to start thinking about security? How does what an application is designed to do affect how it's tested? How do high-level security goals relate to protocol bugs? How do I know when I need specialist review? How do I figure out if my users will be able to use my application securely? If you've found yourself asking questions like these or if you're just realizing that maybe you should be asking them, this talk will give you tools to work with. The work that a security analyst does can be opaque, but understanding it will save you time and help you build a more secure application. This talk will cover threat modeling (both on its own and as a driver of high-level test planning), when and which kinds of low-level tests you should be including, with special attention paid to parser/protocol bugs. Examples will be shown from both the commercial space and the world of software designed for high-risk users, with specific focus on some of the particular challenges of the latter arena.