“Is our system secure?”
No, it’s not.
There’s no absolutely secure system.
Apps get broken all the time, often in ways their designers never even imagined. Attacks thought to be beyond the ability of mortal men yesterday become commonplace today. So the term "security" doesn't have any real meaning unless we can answer questions like "Secure from whom?" or "Secure for how long?"
But in order to answer all these questions, we need an efficient and understandable way to model threats against our system. Enter attack trees.
Attack trees provide us with a new way of understanding how our system might be attacked and how to prioritize the security measures to be implemented. They also make it easy for product managers and technical people to have a conversation about the prioritization of security features, and to understand whether a new feature will affect the security of the system. Finally, attack trees are designed to ensure that the whole team has visibility and even ownership of the security process for the product.
In this session we’ll learn how to approach our system in a new way, how to think like an attacker, how to document, evaluate and rate the threats, and how to communicate them effectively to the whole team.