Cover Image for AI Don’t Need No Stinkin’ Threat Models Or, Threat Modeling In The face of AI
Cover Image for AI Don’t Need No Stinkin’ Threat Models Or, Threat Modeling In The face of AI
Avatar for Threat Modeling Connect (TMC) New York City
Presented by
Threat Modeling Connect (TMC) New York City
We're the NYC (and areas around!) chapter of TMC. We're the answer to what could go wrong, and nobody does it better.
Hosted By
Zoe Braiterman
Izar Tarandach
AI

AI Don’t Need No Stinkin’ Threat Models Or, Threat Modeling In The face of AI

Threat Modeling Connect (TMC) New York City
Zoom
Registration
Approval Required
Your registration is subject to host approval.
Welcome! To join the event, please register below.
You will be asked to verify token ownership with your wallet.
About Event

No matter where one turns, AI seems omnipresent. AI boosters will claim that, “work will never be the same.” Is this AI-centric view true for threat modeling, too? 

Threat modeling has been an uneasy marriage between hard science, a bit of careful engineering, and the experience, craft, and occasional wisdom of its practitioners. Threat modeling has even been seen by some as a secretive, initiates-only cult - non-members discouraged from even trying. It is true that many successful threat modeling programmes have depended upon at least one expert. Will AI eliminate the need for gurus? Can AI democratize threat modeling? Will developers continue to depend on savants or can they break free with AI-derived modeling?

Please join threat modeling author, teacher, and practitioner, Brook S.E. Schoenfield, for perspectives on modeling today and into the future. Brook, is one of a motley crew of threat modelers who’ve devoted decades to making threat modeling accessible. This talk will tie that effort to AI’s hype cycle. Find out what part AI might play and at the same time, why we just might continue to need experienced threat modelers.

Key Discussion Points:

  1. Why expert threat modelers have been crucial

  2. We face a tsunami of insecure code

  3. Does the adoption of threat modeling tools teach us anything?

  4. How AI can and will not help

  5. This is not the first security sea change and it won’t be the last

Bio:

Books by Brook S.E. Schoenfield include Building In Security At Agile Speed (Auerbach, 2021, co-authored with James Ransome), Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). He co-authored The Threat Modeling Manifesto (2020), Threat Modeling Capabilities (2023), Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017), and other industry publications. He has taught 100’s of security architects, and 1000’s have attended his threat modelling training. He technically led five AppSec/software security programs and 4 consulting practices. Currently, Mr. Schoenfield works with organizations to improve their security practices as CISO at Rezliant Inc. In addition, he acts as Chief Scientist for Rezliant Maestro. He is a faculty member of the University of Montana. He regularly speaks at conferences and appears in podcasts/webinars. 

Avatar for Threat Modeling Connect (TMC) New York City
Presented by
Threat Modeling Connect (TMC) New York City
We're the NYC (and areas around!) chapter of TMC. We're the answer to what could go wrong, and nobody does it better.
Hosted By
Zoe Braiterman
Izar Tarandach
AI