Show all women speakers >>

Irene Michlin

Irene Michlin
Application Security
My twitter handle:


My topics:

security design threat modeling security architecture agile software development security application security lean software development sdl sdlc secure development

My languages:

English Russian

My city:


My country:

United Kingdom

Examples of previous talks / appearances:

Securing the continuous integration

Continuous integration (CI) has long left the stage of experimental practices and moved into mainstream software development. It is used everywhere from start-ups to large organisations, in variety of technology stacks and problem domains. However, the security implications of introducing CI are often overlooked or underestimated.

This talk intentionally avoids recommending a specific solution or vendor. Instead it focuses on technology and process changes involved in setting up CI environment, and aims to provide best practice guidance for introducing CI in your secure Software Development Life Cycle (SDLC). The choice of tools in various steps of CI is enormous. This presentation does not discuss their relative merits from functionality point of view, but suggests which features are necessary to allow secure integration of the tools.

This talk is in: English

Incremental Threat Modelling

Threat modelling is one of the best techniques for achieving security on architectural level. However, introducing it on existing complex projects requires time which developers may not have. This talk introduces a technique for performing threat modelling in ongoing projects without a prohibitive initial time investment.

This talk is in: English