The World's First Threat Modeling Conference

Seven themes that emerged during the first ever threat modeling conference, ThreatModCon 2023.

Written by: Chris Romeo
Fri, Dec 15 2023

I was one of the founding members of the online community Threat Modeling Connect. During the initial conversations about what the community would become, I brainstormed with Shuning Hsu, the Community Leader. I let it drop that we should do a dedicated threat modeling conference. I volunteered to help lead it when the time was right. Shuning and I had another conversation a few months later, and the idea to host a conference was in full flight. I was officially on board as the Global Chair for the Threat Modeling Conference!

We gathered an advisory board to plan the conference and carry the leadership load. The conference committee included Izar Tarandach, Matt Coles, Brook Schoenfield, Irene Michlin, Sandy Blackwell, Chris Ramirez, and Zoe Braiterman. We joined forces as a threat modeling committee to assemble the best and most educational event on threat modeling, put together by the best and brightest in the world of threat modeling!

We spent months planning out every logistical detail, reviewing each speaking submission, and building an excellent program of a keynote, talks, and workshops. All this hard work resulted in an event that I could only describe as “magical.”

The day was magical, from the twelve sessions covering seven themes of threat modeling to the Birds-of-a-feather discussions over lunch. The threat modeling community was together in one place for the first time, and I heard from multiple people at the event that this was the first time they ever felt like they had peers to discuss threat modeling with. From hallway discussions to networking with the people you were sitting next to, the threat modeling community was coming alive.

The day began with a “not-keynote keynote,” the brainchild of Matt Coles, entitled “Threat Modeling is for Everyone”. Matt assembled six speakers and tasked them with each describing via story what threat modeling means for them. No slides were allowed to ensure that the focus was on the story. Matt acted as the moderator and connector between people, and Seba Deleersnyder, Robert Hurlbut, Tanya Janca, Brook Schoenfield, and John Taylor graced the stage and shared their stories. After the stories, we had an open question-and-answer time with the audience and the keynote panel.

I've broken the rest of the day’s conference talks and workshops across seven themes. I'll explore each theme and provide context about what you'll find in these sessions.

Theme 1: How to start doing threat modeling

Robert Hurlbut provided one of the workshops for the day, “Developing a Threat Modeling Mindset.” In this workshop, Robert provided a path for those new to threat modeling to experience the process and gain experience performing threat modeling. We wanted to ensure that we did not assume that all participants at the event had decades of experience. Our theme was “Threat Modeling is for Everyone,” so we had to ensure that we had a session to teach threat modeling from the ground up for those new to the discipline.

Theme 2: How to scale threat modeling practices

After setting up a threat modeling program and getting it rolling, scaling it quickly comes to the forefront. Teams must go from producing one threat model a day to one thousand, which requires scalability.

Brenna Leath and Lisa Cook shared their “Threat Modeling Program Milestones: A Journey to Scale” session, where they spoke about their efforts in growing and scaling a threat modeling program inside a big company. They distilled wisdom for companies big and small with scaling.

“The Hitchhiker's Guide for Failing Threat Modeling” by Michael Bernhardt covers different approaches for succeeding with threat modeling by studying past things that have gone wrong. Michael parallels martial arts and threat modeling, which was a big win for me! I love when speakers flip the script and talk about how to ensure something fails. It's a helpful way to think through the problems.

“From Threat Discussion to Completed Mitigation: Making your Threat Model Useful” by Jonathan (Jono) Sosulska was our second workshop. Jono focused on how to make the threat model useful by focusing on the mitigation. This workshop was aimed at intermediate-level threat modelers, continuing our theme that threat modeling is for everyone.

Theme 3: How do you integrate threat modeling in agile development?

Geoff Hill introduced his RTMP methodology via a talk entitled “Being VERY Agile with Rapid Threat Model Prototyping (RTMP).” Geoff focused on how to apply threat modeling in an Agile software development structure. Everyone has gone Agile, so this was a timely talk for those considering how best to align threat modeling to an agile development methodology.

Theme 4: How to integrate privacy in Threat Modeling

“Shifting Privacy In” by Dr. Kim Wuyts reminded us that threat modeling is about security AND privacy. Privacy is essential; threat modeling can be used to implement privacy, and privacy and security threat modeling are friends. She described how security and privacy strengthen each other and require different mindsets, but that combined analysis is more efficient than analyzing them separately.

Theme 5: How to automate your threat modeling process

“Classic Brainstorming Threat Modeling VS Threat Modeling Tools: Lessons Learned” by Edouard Stoka helps us see the value of an automated threat modeling process. Edouard shares real-life experiences from running threat modeling at ADP. He describes how the best of both worlds is having an extensive collection of applications threat modeled by experts and having access to the best threat modeling tools.

Theme 6: How to leverage AI for threat modeling

AI is all the rage, so we had to have at least one talk that bridged AI and threat modeling. “Everyone is a Threat Modeler: An AI-Enabled Journey for Beginners” by Wael Ghandour was a session where Wael describes his journey experimenting with ChatGPT as a threat modeling tool.

Theme 7: What threat modeling means to our community

The community theme brings together two distinct talks that cover the community in vastly different ways.

With “The Threats to Our Community” by Avi Douglen, Avi applies STRIDE to building communities and exposes the threats we must look out for. He also shares practical ways to protect the communities we create to ensure they are inclusive for all.

In “Operational-Intersectional Threat Modeling: Adapting for IRL and Offline Application” by Dr. Michael Loadenthal, Dr. Loadenthal unlocks a new world of use cases for threat modeling beyond the typical technology product feature. He explains how threat modeling is not just for applications, networks, and digital systems and how, as a methodology and logic, it can have wide application in broader security work. He introduced us to how offline and traditional threat modeling can benefit from an intersectional, harm reduction-informed approach. (This session was not recorded for the event, but you can find Dr. Loadenthal on an episode of the Threat Modeling Podcast entitled “.”)

Conclusion

With the first-ever dedicated Threat Modeling Conference, a new movement has begun. Threat modeling people finally have a place to gather, share best practices, network, and connect.

Look towards the future and attend a Threat Modeling Conference. You'll find peers to discuss the details of threat modeling and scaling a program, you'll make new threat modeling friends, and you'll help to move the practice of threat modeling forward!
