In this presentation, John Steven talks about modeling security threats as a way to discover, understand and counteract threats while designing the system architecture. John presents threat modeling through examples focusing on authentication, authorization and session management.
John Steven is a Technical Director with Cigital, Inc. and a founding member of the company's Office of the CTO. His experience spans consulting, distributed systems architecture, operating systems, and software quality and security research. Mr. Steven holds a B.S. in Computer Engineering and an M.S. in Computer Science from Case Western Reserve University.
QCon is a conference that is organized by the community, for the community.The result is a high quality conference experience where a tremendous amount of attention and investment has gone into having the best content on the most important topics presented by the leaders in our community.QCon is designed with the technical depth and enterprise focus of interest to technical team leads, architects, and project managers.