Threat Modeling with AI: Turning Every Developer into a Threat Modeler

Threat modeling has been part of the cyber security arsenal for decades, with frameworks like STRIDE, PASTA and Attack Trees well-known across the security community. There are as many free tools out there as there are paid ones. However, as useful as threat modeling is for seasoned security professionals, its frameworks and tools have never truly caught on with developers – it's still often seen as "someone else's" job.

AI-assisted coding is transforming how developers build and review software, and threat modeling must evolve to keep pace. Join Matias Madou, Ph.D., Chief Technology Officer and Co-Founder, and Chelle Saunders, Senior Product Manager at Secure Code Warrior, for a forward-looking session exploring how AI can bring the principles and practices of threat modeling directly into the developer's IDE.

In this session, we'll cover:

• Why traditional threat modeling approaches don't fit naturally into developer workflows.
• How AI is changing development practices and helping teams create more robust design, planning, and specification documents.
• Techniques for integrating threat modeling concepts into the developer's day-to-day design review and code review processes.
• See a demonstration of light-weight approaches to incorporating AI into security design reviews and code reviews developers are already doing, using the AI tools your organization already gives them access to.

Walk away better equipped to help developers combine threat modeling ideas and techniques with the AI tools they're already using – to strengthen security, improve collaboration, and build more resilient software from the start.