We came, we saw, we talked threat models. ThreatModeler Software, Inc. hosted a sponsored booth at the RSA Conference held in San Francisco. Great conversations occurred, with people expressing interest in DevSecOps – including how to implement threat modeling to shift security left in their cloud. Armed with a new white paper that drew positive response, titled, “DevSecOps – Blueprint for Security,” Team ThreatModeler was on hand to answer questions and make it known that ThreatModeler is the only solution that:
- Enables technology delivery teams to identify threats in their entire cloud environments
- Sends threats through IT ticketing solutions for mitigation
- Achieves a thorough understanding of the threats in their attack surface
A simple, yet effective presentation, ThreatModeler came to RSA Conference with a screen and a banner. People were intrigued, observing the gargantuan booths that others had to showcase. One attendee Tweeted about us, labeling us a “rare species” on his “RSA nature walk” for not only our booth presence, but also our ability to help AWS cloud architects to build secure apps.
One threat that no one anticipated was the mayor of San Francisco’s declared state of emergency. The same Tuesday that the RSA Conference was occurring, the mayor’s issuance caused a state of unrest. Although she said it was a gesture of “preparedness.” No handshakes, lots of Purell. Yet technology and cybersecurity professionals still managed to strike engaging conversation about technology and the cloud, including ThreatModeler’s Technology Partnership with AWS.
Times are changing as more organizations make the migration to the cloud. According to Pratik, Thakker, ThreatModeler’s Director of Customer Success, approximately 30-40% of the visitors were interested in AppSec, while the rest were interested in the cloud technology life cycle (CDLC). ThreatModeler’s AWS Accelerator and AWS Assist – two features that take the guesswork out of identifying threats on the AWS cloud – made AWS customers aware of the potential, a big realization.
Threatmodeler’s Technology Partnership With AWS Was a Conversation Starter
Lots of visitors already had ThreatModeler on the list of booths to visit. Team Threatmodeler was excited to bring the platform’s features to life, soliciting a positive response from CISOs, and technology delivery teams further requesting a demo. For the attendees who didn’t have us on their agenda, but wanted to know what the next step in threat modeling is, they were excited to hear about AWS.
A lightbulb went off when RSA Conference attendees learned that we are aligned with AWS best practices. A conversation had several times over the course of the conference was:
“AWS and threat modeling? Tell me what you can do.”
“Automatically build threat models. Integrate with CI/CD. It goes to Jira, it’s bidirectional,” Alana Ezderman, Head of Marketing, explained. “Those were some of the key points that piqued their interest and had attendees asking for more.”
Since technology implemented varies from organization-to-organization, there were attendees who wanted to learn more about the AppSec edition. Still, other customers had questions that we are happy to answer here. Team ThreatModeler was thrilled to provide a deep dive on the various components within the Platform.
Can you threat model containers?
Yes, with ThreatModeler, you can identify, prioritize and mitigate threats.
Can you integrate with other CI/CD tools?
Yes, you can. ThreatModeler comes ready to integrate with Jenkins and Azure Pipelines.
Are there any APIs?
Yes. AWS provides an open API so that any of its features can be further automated.
Do you do threat modeling for legacy applications?
Yes. ThreatModeler offers its AppSec Edition for DevSecOps teams to secure its on-premise IT infrastructure.
Visualize, Identify and Address Security Threats with Security Controls with ThreatModeler
ThreatModeler is leading the way for automated threat modeling to secure your cloud with its industry leading platform. DevSecOps involves the shifting left of security to the planning and design stages. ThreatModeler enables technology development life cycle architects to consider security before anything gets built. With its Toolkit, users can easily search for components, then drag and drop right into the Diagram screen canvas. With the Diagram toolbar, you can manipulate and modify components, including grouping them. Connectors describe the communication flow between components.
ThreatModeler was handpicked as one of the Top 25 Cyber Security Companies for 2020 in CIO Applications magazine. Read the official interview here. To learn more about how ThreatMmodeler can help you to secure your CDLC through its automated platform, schedule a demo. You can also contact us to speak with a live threat modeling expert.