Let’s Check Let’s Encrypt: A Tool for Code-Driven Threat Modeling

BSidesROC 2016

Presented by: Christopher Wood
Date: Saturday April 23, 2016
Time: 10:30 - 10:55
Location: Track 3

Threatspec is a tool for code-driven threat modeling. It allows threat models to be codified alongside software as it is developed. This enables the threats to evolve organically in the software development lifecycle. In this talk we will present Threatspec and show how it can be applied to Let’s Encrypt.

Christopher Wood

Christopher Wood is a third year Ph.D. student at the University of California Irvine, focusing on the intersection of cryptographic engineering, content-centric networking security, and related applications. He is also a member of the CCNx core development team at PARC. He obtained a B.S. in software engineering and computer science and an M.S. in computer science from the Rochester Institute of Technology (RIT) in 2013. He was a summer intern at PARC in the summers of 2013 and 2014. Earlier, he interned at Intel, L-3 Communications, and other small software firms. Christopher is a recipient of the NSF GRFP fellowship, and a student member of the IEEE, SIAM, ACM, and IACR.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats