Hello Members and Guests.
We are very exciting to be able to have two great authors on Risk, Izar Tarandach and Matthew Coles for our next Chapter meeting. Our next Chapter meeting is May 19, 2021, starting at 4pm Pacific Time. The presentation topic is "Threat Modeling: A Manifesto And Some Code". The crux of the talk is "Threat Modeling: why we think it matters for you, and why we wrote a book about it." Register in advance for this amazing presentation by industry thought leaders: Register Here.
The San Francisco Bay Area ISSA organization wants to thank everyone who attended as well as the groups that participated in the Technology Workforce Collaborative summit, techwc.org. If you were not able to attend, you can view the summit here, https://youtu.be/Bl25cN4DPqw
Chess and cybersecurity share some commonalities that we can look at in thinking about greater resilience for our organizations. RSA 2021 is May 17-20, 2021 with the theme of Resilience. Hear Jimmy Sanders of President of SFBay ISSA discuss his thoughts on that and more in his Keynote Conversation with Angela Weinman for RSA Conference 2021, https://www.rsaconference.com/en/usa
Congratulations to the elected SFBay ISSA Board MembersVice President - Patrick Huber Treasurer - R. Daniel Lee Membership Director - Terry Quan Communications Director - Hakeem Oseni
When: May 19, 2021
Time: 04:00 PM Pacific Time
Presenter: Izar Tarandach & Matthew Coles
Topic: Threat Modeling: A Manifesto And Some Code
Meeting Agenda: (All times Pacific)
04:00 PM - 04:20 PM:Welcome/Meet & Greet
04:45 PM - 05:00 PM: Chapter Business 05:00 PM - 06:00 PM: Presentation and Discussion - Threat Modeling: A Manifesto And Some Code
Threat Modeling: why we think it matters for you, and why we wrote a book about it. Modeling: how to model your system in an expressive way Eliciting threats: what are some of the major approaches in use? How can it be done closer to the developer and at Agile speed? The Threat Modeling Manifesto: the distilled wisdom of dozens of collected years of threat modeling, in an easily consumable format - why it was written, what it is, and how can you benefit from it? Evolution: Automated threat analysis using an open source tool(pytm). We will talk through the making of pytm and then do a demo.
Matthew Coles (he/him) is a security professional focused on the security of physical devices and the ecosystems and processes that enable them to operate. He has an advanced degree in Computer Science from WPI, and maintains a CSSLP certification.
Izar Tarandach (he/him) has peeked and poked at security from various sides over the last couple of decades, currently focusing on modern SDLC's and how AppSec extrapolates onto the larger scheme of Security. He has a MSc in Computer Science/Security from Boston U.
Izar and Matt have collaborated on security techniques and training for the past 10 years, co-authoring a book on Threat Modeling, and an open source threat modeling automation system, pytm.