Step-By-Step Approach for Threat Modeling Cloud-Based Services

When:  Sep 28, 2023 from 05:30:00 PM to 08:00:00 PM (ET)
5:30 pm - 6:00 pm: Arrival and Networking
6:00 pm - 7:00 pm: Presentation (see the description below)
7:00 pm - 8:00 pm: Drinks and Networking (Sponsored by CSA Triangle Chapter)
Title: Step-By-Step Approach for Threat Modeling Cloud-Based Services
Summary: This session will discuss a simple approach and provide step-by-step guidance for threat modeling various cloud applications deployed in all service models (SaaS, PaaS and IaaS) using a simple spreadsheet based template. This threat modeling approach is developed as a crosswalk between STRIDE framework and Cloud Security Alliance (CSA)' CCM (Cloud Controls Matrix) keeping in mind the shared responsibility model between cloud providers and cloud consumers as a means to define a structured and repeatable process to identify and mitigate threats against valuable cloud assets.
Speaker/Bio: Shankar Chebrolu is the Director of Security Architecture at Red Hat, leading the effort of information risk assessments to identify, prioritize and manage security & privacy risks within various business & IT services hosting sensitive data. Shankar is a co-founder and current President of the Cloud Security Alliance (CSA) Triangle chapter and serves on the advisory board for cloud infrastructure program at Wake Tech Community College, Research Triangle Park (RTP). Shankar served as a Chapter Chair of IAPP KnowledgeNet Raleigh-Durham Chapter and is a co-founder of Threat Modeling Connect open community.

Location

Varonis Office
3300 Paramount Pkwy, Suite 300
Morrisville, NC 27560