My Threat Model is Your Threat Model

Explore the evolving landscape of threat modeling in this 48-minute webcast from RSA Conference. Delve into the shift from nation-state conflicts to a more complex environment where everyone is vulnerable. Examine how modern threats extend beyond physical presence and supply chain to include firmware, necessitating advanced tools for prevention and detection. Discover below-the-OS mitigations designed to safeguard BIOS, firmware, and critical data. Learn about threat modeling for secure development, individuals, and devices. Investigate persistent firmware threats, physical access risks, and supply chain complexities. Gain insights into building long-term strategic threat models and implementing "below the OS" mitigations. Presented by Rick Martinez, Senior Distinguished Engineer for Client Solutions at Dell Technologies, this webcast offers a comprehensive overview of contemporary cybersecurity challenges and solutions.

Intro
Fast facts about me...
Ask the Experts: What is threat modeling?
Threat Modeling for (Secure) Development
Threat Modeling for Individuals
Threat Modeling (for Devices and Users)
Below the OS: Pre-boot and Runtime
[Shark] Attack: "Advanced" Device-targeted TH
Persistent Threats in Firmware
Physical Access to User Devices
Supply Chain and Insider Threats
Sidebar: Supply Chain Complexity... Simplified
Building a Long-term Strategic Threat Model
Overview: "Below the OS" Mitigations Today
Potential Mitigations
Example Implementation: Dell SafeBIOS Frame RESPOND