Building a Valid Threat Library for Cloud Based Applications
Tony UcedaVelez at AppSec EU 2018
Tapping the power of various inherent cloud monitoring and log components in order to build a dynamic threat library that can substantiate your threat model is very possible. In this talk we'll look at both Azure and AWS compnents to leverage when adding threat context and ultimately an amazing threat library to your application threat model. We'll look at exemplifying these techniques across mission critical infrastructure in Energy and Transportation.