2023-10-31 –, Main Stage
When we talk about tech stacks we usually think about big organizations running systems, but in the current day and age we too have a large digital footprint. In this talk we will go over mapping out our personal tech stack and start identifying any threats that could be useful to help prevent stalking and harassment, or at least be aware of the risks you encounter.
In the presentation I’ll give an example of a basic threat modeling that can be applied to our personal digital footprint.
We start with creating an overview of all apps, services and accounts that we use and contain personal information, focusing on those that can be exploited for stalking or bullying purposes. From there we will apply threat modeling methods, mainly persona non grata, to identify how they can be exploited by malicious actors. Either working from publicly shared information or who might have gained access to private details in legitimate or illegitimate ways.
Dany has been working as penetration tester and DevSecOps engineer for 5 years, in several large organizations. One of my roles is teaching basic threat modeling techniques to dev teams.