THREAT MODELING MEDICAL DEVICES - WHEN OUR LIVES DEPEND ON IT ...

Talk Title:

Threat Modeling Medical Devices - when our lives depend on it ...

Abstract:

International regulators (such as the FDA) as well as customers and patients are expecting Medical Device Manufacturers to manage and reduce cyber security risks. Threat modeling will become a mandatory technique for medical device manufacturers, to proactively demonstrate secure design and operation of medical devices.

In this webinar we will explain practical use cases, based on real world projects and our experience with Medical Device Manufacturers.

You will learn the basics of threat modeling, to understand what you are building, how to identify threats using the STRIDE method and how to address each threat. We also cover the FDA requirements on “Security by Design”.

We will demonstrate a practical threat model covering all different stages on a CT scanner deployment in a hospital connected to a DICOM network.

At the end we will provide you with resources to start threat modeling, including our OWASP Threat Modeling Playbook and more!

Speaker Bio:

Seba (https://twitter.com/Sebadele) is co-founder, CEO of Toreon and a proponent of application security as a holistic endeavor. He started the Belgian OWASP chapter, was a member of the OWASP Foundation Board and performed several public presentations on Application Security. Seba also co-organized the yearly security & hacker BruCON conference and trainings in Belgium.

With a background in development and many years of experience in security, he has trained countless developers to create software more securely. He has led OWASP projects such as OWASP SAMM, thereby truly making the world a little bit safer. Now he is adapting application security models to the evolving field of DevOps and is also focused on bringing Threat Modeling to a wider audience.