Threat Modeling OpenSSL-Based Systems: A Hands-On Collaborative Workshop

Dive into the critical process of **threat modeling for OpenSSL-based systems** in this interactive 45-minute workshop. Through real-world scenarios, we'll explore how diverse threat models uncover distinct vulnerabilities and attack vectors. We'll analyze 2-3 specific OpenSSL use cases, such as HTTPS configurations or PKI systems, applying relevant techniques like **STRIDE-LM** or **LINDDUN**. Designed for **collaborative learning**, participants will be given a case study and will work in small groups to identify threats, vulnerabilities, and potential mitigations. Facilitated discussions will provide constructive feedback, highlighting effective strategies. By the end, attendees will have a tangible understanding of building effective threat models, enhancing their ability to proactively secure OpenSSL deployments.