_n2r_
As a Cybersecurity Engineer at Hughes Network Systems, an EchoStar Company, I contribute to securing vital network systems and digital assets. Outside of my role, I operate as a dedicated security researcher, driven by a profound passion for Linux, cryptography, and infosec. 💻🔐🛡️
Session
Dive into the critical process of threat modeling for OpenSSL-based systems in this interactive 45-minute workshop. Through real-world scenarios, we'll explore how diverse threat models uncover distinct vulnerabilities and attack vectors. We'll analyze 2-3 specific OpenSSL use cases, such as HTTPS configurations or PKI systems, applying relevant techniques like STRIDE-LM or LINDDUN.
Designed for collaborative learning, participants will be given a case study and will work in small groups to identify threats, vulnerabilities, and potential mitigations. Facilitated discussions will provide constructive feedback, highlighting effective strategies. By the end, attendees will have a tangible understanding of building effective threat models, enhancing their ability to proactively secure OpenSSL deployments.