Threat modeling isn’t exactly a new concept, but it has recently become a must-have in product design. With cybersecurity threats on the rise and the pressure to deliver faster, security often ends up on the back burner—usually discovered during QA or, worse, after the code is already out the door. At that point, it’s either a headless-chicken chase to fix things or a recipe for disaster.
Developers are the ones who really know how applications are supposed to work, so security needs to be part of the conversation from the start. Yet, for some reason, threat modeling is still seen as a "cybersecurity expert-only" club.
In this talk, I’ll walk through the threat modeling process, highlight key risk concepts, and show how we can all work together to avoid those "oops" moments. Because, honestly, building secure applications is way more fun when we’re all in it together!
Developers are the ones who really know how applications are supposed to work, so security needs to be part of the conversation from the start. Yet, for some reason, threat modeling is still seen as a "cybersecurity expert-only" club.
In this talk, I’ll walk through the threat modeling process, highlight key risk concepts, and show how we can all work together to avoid those "oops" moments. Because, honestly, building secure applications is way more fun when we’re all in it together!
Bárbara Teruggi
Originally from Argentina, I've been living in the Barcelona area for +20 years. Started in the IT world in 2006, building my career within the Finance and Insurance businesses.
My path at my current company started as an analyst programmer in different areas (business oriented and also more technical tasks). I have also been working on DevOps and development support duties, until my current position as a Security Architect.
I am passionate about cybersecurity and love to engage into all sorts of conversations to share my experiences and also to learn from others.
My focus is primarily around application, API & product security, B2B and other third-party integrations, authentication & authorization processes.
In my free time I enjoy music, reading, climbing, pilates, traveling, socializing and spending time with my dog.
My path at my current company started as an analyst programmer in different areas (business oriented and also more technical tasks). I have also been working on DevOps and development support duties, until my current position as a Security Architect.
I am passionate about cybersecurity and love to engage into all sorts of conversations to share my experiences and also to learn from others.
My focus is primarily around application, API & product security, B2B and other third-party integrations, authentication & authorization processes.
In my free time I enjoy music, reading, climbing, pilates, traveling, socializing and spending time with my dog.