I was one of the founding members of the online community Threat Modeling Connect. During the initial conversations about what the community would become, I brainstormed with Shuning Hsu, the Community Leader. I let it drop that we should do a dedicated threat modeling conference. I volunteered to help lead it when the time was right. Shuning and I had another conversation a few months later, and the idea to host a conference was in full flight. I was officially on board as the Global Chair for the Threat Modeling Conference!
We gathered an advisory board to plan the conference and carry the leadership load. The conference committee included Izar Tarandach, Matt Coles, Brook Schoenfield, Irene Michlin, Sandy Blackwell, Chris Ramirez, and Zoe Braiterman. We joined forces as a threat modeling committee to assemble the best and most educational event on threat modeling, put together by the best and brightest in the world of threat modeling!
We spent months planning out every logistical detail, reviewing each speaking submission, and building an excellent program of a keynote, talks, and workshops. All this hard work resulted from an event that I could only describe as “magical.”
The day was magical, from the twelve sessions covering seven themes of threat modeling to the Birds-of-a-feather discussions over lunch. The threat modeling community was together in one place for the first time, and I heard from multiple people at the event that this was the first time they ever felt like they had peers to discuss threat modeling with. From hallway discussions to networking with the people you were sitting next to, the threat modeling community was coming alive.
The day began with a “not-keynote keynote,” the brainchild of Matt Coles, entitled “Threat Modeling is for Everyone”. Matt assembled six speakers and tasked them with each describing via story what threat modeling means for them. No slides were allowed to ensure that the focus was on the story. Matt acted as the moderator and connector between people, and Seba Deleersnyder, Robert Hurlbut, Tanya Janca, Brook Schoenfield, and John Taylor graced the stage and shared their stories. After the stories, we had an open question-and-answer time with the audience and the keynote panel.
I’ve broken the rest of the day’s conference talks and workshops across seven themes. I’ll explore each theme and provide context about what you’ll find with these sessions.