2025-10-08 –, Krakow/ Business Value & Enterprise Adoption
Dive into the critical process of threat modeling for OpenSSL-based systems in this interactive 45-minute workshop. Through real-world scenarios, we'll explore how diverse threat models uncover distinct vulnerabilities and attack vectors. We'll analyze 2-3 specific OpenSSL use cases, such as HTTPS configurations or PKI systems, applying relevant techniques like STRIDE-LM or LINDDUN.
Designed for collaborative learning, participants will be given a case study and will work in small groups to identify threats, vulnerabilities, and potential mitigations. Facilitated discussions will provide constructive feedback, highlighting effective strategies. By the end, attendees will have a tangible understanding of building effective threat models, enhancing their ability to proactively secure OpenSSL deployments.
This hands-on workshop guides participants through threat modeling for OpenSSL-based systems. Using real-world scenarios, attendees will collaborate in groups to apply threat modeling techniques, identifying and mitigating security risks in OpenSSL deployments. Gain practical experience to enhance your security posture.
As a Cybersecurity Engineer at Hughes Network Systems, an EchoStar Company, I contribute to securing vital network systems and digital assets. Outside of my role, I operate as a dedicated security researcher, driven by a profound passion for Linux, cryptography, and infosec. 💻🔐🛡️
Hi, I’m Tanishq Javvaji — Cyber Security Analyst with proven expertise in incident response, threat detection, and digital forensics across cloud and on-premises environments. I have a strong track record of optimizing SIEM and EDR tools-such as Splunk, Elastic Security, and Cortex XSOAR-to reduce false positives and improve response times, achieving measurable improvements in operational efficiency and security posture.
My hands-on experience includes leading investigations of major security incidents, automating IR playbooks, and integrating threat intelligence to proactively defend against advanced threats. I have successfully managed and triaged hundreds of alerts across Windows, Linux, and MacOS endpoints, utilizing frameworks like MITRE ATT&CK and the Cyber Kill Chain to drive effective remediation and containment.
I am passionate about leveraging automation, cloud-native technologies (AWS, Azure, GCP), and scripting (Python, Bash, PowerShell) to streamline security operations and enable scalable, resilient solutions. My background also includes GRC assessments, compliance (NIST, CIS, HIPAA, GDPR, PCI-DSS, ISO 27001), and mentoring junior analysts to build high-performing security teams.
Certified in CEH, GCIH, Security+, and eJPT, I thrive in fast-paced environments where clear communication, technical rigor, and continuous learning are essential to success. I am eager to contribute my expertise to organizations seeking to enhance their security programs and proactively address emerging cyber threats.