September In person meeting at Palm Beach State College

Details

Please join us on September 21, 2023, at Palm Beach State College campus in Lake Worth, in the CE building room 0118 and attend this year’s most educational Cybersecurity session. This month will be a joint meeting with South Florida OWASP (SFOWASP). There will be Networking following the scheduled talk(s).

Location: Palm Beach State College – CE building, room 118

Agenda:

  • Chapter updates/announcements, upcoming events – SFISSA
  • Chapter updates/announcement, upcoming events – SFOWASP
  • Talk – given by Gustavo Nieves Arreaza (Threat Modeling/ChaptGPT)
  • Networking

Talk: presented by Gustavo Nieves Arreaza

Title: Transforming Threat Modeling: Harnessing ChatGPT for Automated Security Analysis

Abstract: Traditional manual threat modeling is resource-intensive. This talk explores a game-changing approach using ChatGPT, an advanced language model, to automate and enhance threat modeling. Attendees will understand ChatGPT’s potential in revolutionizing cybersecurity processes.

Session Highlights:

  1. Introduction to ChatGPT: Uncover the versatility of advanced language models in cybersecurity. Explore their applications in threat modeling.
  2. Automating Threat Modeling: Learn how ChatGPT streamlines threat modeling, increasing efficiency by reducing manual efforts.
  3. Generating Dynamic Threat Models: See how ChatGPT assists in crafting threat models from system architecture, user stories, and design documents.
  4. Elevating Accuracy and Scope: Discuss techniques for refining accuracy and coverage of automated threat models generated by ChatGPT.
  5. Integration and Synergy: Explore seamless integration of automated threat modeling into existing security processes. Understand how collaboration between AI systems and security professionals can be encouraged.

Key Takeaway: Attendees gain insights into leveraging ChatGPT for efficient threat modeling, enabling organizations to identify and mitigate security risks effectively.

Speaker’s Bio: Gustavo Arreaza is an Application Security Engineer with 7+ years of demonstrable expertise in deploying and overseeing a spectrum of application security tools, including HP Fortify, Checkmarx, Synopsys, and AppScan. Gustavo is proficiently skilled in provisioning Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Software Bill of Materials (SBOM), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP) for a wide range of platforms: web applications, mobile apps, API clients/servers, and microservices.

Adept in crafting meticulous remediation strategies, crafting robust DevSecOps pipelines, and orchestrating comprehensive security evaluations for applications and cloud environments within the purview of Azure and AWS DevOps frameworks. Well-versed in adroitly configuring AppSec tools in cloud environments, actively participating in secure application design forums, and extending valuable guidance on secure Software Development Life Cycle (SDLC) controls using OWASP and NIST standards. To learn more about (or to connect with) him, visit https://www.linkedin.com/in/gustavoarreaza/