The main goal of any attack in the implementation of threats - gaining unauthorised access to data.
As testers, we test application for vulnerabilities, however, the presence of some system for effective security testing will be helpful.
One of these basics can become threat modeling application. This is one of the practices of Security Development Lifecycle (SDL).
This framework allows developers and testers to identify and fix the potential safety problems in the early stages of software development.
I will tell you the basic concept of threat modelling and show how this can be done .
The presentation will be interesting to specialists who have recently meet with the software security.