Establish and Mature Threat Modeling Practices at SAP Customer Experience | DevOps Connect: DevSecOps 2023

July 5, 2023

Threat modeling plays a vital role in SAP’s secure software development life cycle and shifting security left. Here at SAP, different lines of business and teams adopt various approaches while playing devil’s advocate and identifying threats in the architecture during the design phase. At SAP Customer Experience, we have been conducting numerous threat modeling exercises over the years, across all CX product lines. In this talk, we’ll see how to use threat modeling to find the worst vulnerabilities hidden in the complexity of our systems by uncovering architectural flaws early, exposing attack surfaces and identifying attack vectors. Join this session to hear firsthand stories, learn the process of conducting workshops, hear about the challenges faced and do’s and dont’s and best practices from our experiences.

Share some ❤
starts in 10 seconds