Threat Modelling and Beyond with CAIRIS
  • Date
    November 24, 2022
  • Time
    10:00 AM EDT
  • Broadcast At
    Zoom Live
Webinar Speaker
Webinar Speaker Profile Pic

Dr. Shamal Faily

Dr. Shamal Faily Principal Scientist @Defence Science and Technology Laboratory (Dstl), UK Dr. Shamal Faily is a Principal Scientist in the Software & Systems Dependability Team at the Defence Science and Technology Laboratory (Dstl). He has long standing interests on how security can be ‘built in’ to the earliest stages of a software product or service’s design, and how software remains secure and usable when used in different contexts.

About Webinar

Secure software needs design assurance, but code is too granular to spot all design problems. Moreover, contemporary threat modelling practices don’t account for the broader context of use, which could be the source of human errors or violations. CAIRIS is an open-source platform created to understand how tool-support could help design systems which are both secure and usable. In this talk, I’ll introduce CAIRIS and its key concepts, walk through how to carry out some simple threat modeling that accounts for context of use, model security risks, and consider how CAIRIS can be integrated into existing software design tool-chains.

📚 What will you learn?

✅ Glean an understanding of what CAIRIS is, and where it is useful and is not useful.

✅ Learn how to install and get started with CAIRIS.

✅ Model not just threats but key context of use elements of a system.

✅ Learn how to model risks and kill-chains of risks.

✅ Draw ideas on how to integrate CAIRIS into your own tool-chains.