Annually, in the month of September, OWASP the South Florida chapter (SFOWASP) holds a joint meeting with South Florida ISSA (SFISSA). For this year’s joint meeting, please join us on September 21, 2023, at Palm Beach State College (PBSC) the campus at Lake Worth, CE Building Room 0118.
Location: Palm Beach State College – CE building, room 118
- Chapter updates/announcements, upcoming events – SFISSA
- Chapter updates/announcement, upcoming events – SFOWASP
- Talk – given by Gustavo Nieves Arreaza (Threat Modeling/ChaptGPT)
Talk: presented by Gustavo Nieves Arreaza
Title: Transforming Threat Modeling: Harnessing ChatGPT for Automated Security Analysis
Abstract: Traditional manual threat modeling is resource-intensive. This talk explores a game-changing approach using ChatGPT, an advanced language model, to automate and enhance threat modeling. Attendees will understand ChatGPT’s potential in revolutionizing cybersecurity processes.
- Introduction to ChatGPT: Uncover the versatility of advanced language models in cybersecurity. Explore their applications in threat modeling.
- Automating Threat Modeling: Learn how ChatGPT streamlines threat modeling, increasing efficiency by reducing manual efforts.
- Generating Dynamic Threat Models: See how ChatGPT assists in crafting threat models from system architecture, user stories, and design documents.
- Elevating Accuracy and Scope: Discuss techniques for refining accuracy and coverage of automated threat models generated by ChatGPT.
- Integration and Synergy: Explore seamless integration of automated threat modeling into existing security processes. Understand how collaboration between AI systems and security professionals can be encouraged.
Key Takeaway: Attendees gain insights into leveraging ChatGPT for efficient threat modeling, enabling organizations to identify and mitigate security risks effectively.
Speaker’s Bio: Gustavo Arreaza is an Application Security Engineer with 7+ years of demonstrable expertise in deploying and overseeing a spectrum of application security tools, including HP Fortify, Checkmarx, Synopsys, and AppScan. Gustavo is proficiently skilled in provisioning Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Software Bill of Materials (SBOM), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP) for a wide range of platforms: web applications, mobile apps, API clients/servers, and microservices.
Adept in crafting meticulous remediation strategies, crafting robust DevSecOps pipelines, and orchestrating comprehensive security evaluations for applications and cloud environments within the purview of Azure and AWS DevOps frameworks. Well-versed in adroitly configuring AppSec tools in cloud environments, actively participating in secure application design forums, and extending valuable guidance on secure Software Development Life Cycle (SDLC) controls using OWASP and NIST standards. To learn more about (or to connect with) him, visit https://www.linkedin.com/in/gustavoarreaza/