[Owasp-sydney] BSIMM Slides from AISA Sydney Branch Meeting

NG, Paul (GE Capital, Non-GE) paul.ng1 at ge.com
Sun Oct 10 22:40:30 EDT 2010

Thanks heaps Christian. The figures are very helpful.

Paul Ng 
GE Capital Asia

T  +61 2 8249 3819
DC *345-3946
F  +61 28249 3634
Paul.Ng1 at ge.com 

Level 11, 255 George Street
Sydney NSW 2000

-----Original Message-----
From: Christian Heinrich [mailto:christian.heinrich at cmlh.id.au] 
Sent: Saturday, October 09, 2010 10:10 AM
To: NG, Paul (GE Capital, Non-GE)
Cc: owasp-sydney at lists.owasp.org
Subject: Re: [Owasp-sydney] BSIMM Slides from AISA Sydney Branch Meeting


On Fri, Oct 8, 2010 at 5:03 PM, NG, Paul (GE Capital, Non-GE)
<paul.ng1 at ge.com> wrote:
> I was wondering if you have stats on how prevalent "Threat-modelling"
> concept or developed toolkits are now being used by major enterprises?
> Will you have the figures or measures of how actively this is being 
> applied in perspective of Security-governance or Security in SDLC?

"Threat-modelling" is inferred as "Attack Models" in BSIMM i.e.

The frequency of when activities related to "Attack Models" were
observed is noted within http://bsimm2.com/i/bsimm2_scorecard.gif

Christian Heinrich


Mobile: +61 433 510 532 (AEST +10 GMT/UTC)
SkypeID: cmlh.id.au

This e-mail and any attachment is intended only for the exclusive and confidential use of the addressee(s). If you are not the intended recipient, any use, interference with, disclosure or copying of this material is unauthorised and prohibited. If you have received this message in error, please notify the sender by return e-mail immediately and delete the message from your computer without making any copies. Please see http://www.ge.com/privacy.html for information about our privacy practices.

More information about the Owasp-sydney mailing list