0x04: Shad0w Synd1cate 10001 Threat Modeling Meetup Recap –  April 2019

Collin (Unkn0wn)

Founder of Shad0w Synd1cate

We held another great Shad0w Synd1cate event last night! Thank you to our guest speaker (and fellow shad0w) Adam Englander for presenting! Also, as always, thank you to all of our members for showing up!

At this months’ meetup we had some pretty exciting news as we had what I like to call a “WORLD PREMIERE” as we released something new to the group (see below for more details)! To include, Adam presented on an extremely important topic, “Threat Modeling”. You can get the slide deck  for this presentation by clicking on the slide deck button to the left!

You are probably really curious about what this “WORLD PREMIERE ” is all about. Well let me tell you! We created our first shirt design last year to have a group shirt we could all wear to hacker summer camp conferences (DEF CON, BSidesLV, etc.). Like in good Shad0w Synd1cate culture, we gotta keep it fresh and drop something new! We are super excited to release our new shirt design for this year!

WORLD PREMIERE!

We wanted to take a different approach this time and make a more animated design. Over time, we have given our “Shad0w” mascot more personality. To include, many people had questions regarding what the weird circle spiky thing was in our logo. Some thought it was a sideways pacman eating a ghost, some thought it was a flying saucer, some even went as far as to say it was a person with their head between their legs (not sure how they got that one lol). Well we have finally announced that it is actually the portal to the “Shad0w Realm” where the shad0ws live, learn, and hack! This design showcases the shad0w realm (can you tell how nerdy I am?!)! As you can also see, we pay homage to some of the well-known hacker culture (NOTE: We do not agree with the actions some of these groups took while active. We are a white hat hacking group and do not condone black hat activity). The other exciting thing about this design is that it was made in such a way that it would look good on a shirt, poster, etc.! We hope you like the new design, and keep an eye out for when shirts and other items are available for purchase!

“Threat Modeling” by Adam Englander

Outside of the release of our new shirt design, we also had an amazing presentation by fellow Shad0w Synd1cate member Adam Englander! His topic was on Threat Modeling, which is an extremely important one that everyone should have a good understanding of. In quick recap, his presentation went over the following:

↠ An overview of what threat modeling is

↠ The threat modeling process

↠ Common tools to assist you with threat modeling

↠ A full example of threat modeling from start to finish

↠ Setting up action items for now, near, and future

It was a very insightful presentation which was followed by a ton of great questions from the group!  For the more in-depth information regarding this presentation check out the slide deck which can be located at the top of this post! I highly recommend you read through the slide deck and start asking yourself if your organization is threat modeling. If you are not currently on your company’s cybersecurity team but would like to try out the threat modeling process, threat model your home network!

Do you know every device on your network and what it does? Do you know every application that is running on your systems? How about vulnerabilities that may be present on some of your devices? It is vital that you have the answers to the above questions. The sad truth is that many times the adversary knows your entire network/setup better than you do! I would say one of the first steps to good security is just being in the know and doing your due diligence!

Thank you again to Adam for presenting!

 

In conclusion, it was another great and fun night.  This group has really evolved over time and it is refreshing to see the cybersecurity community come together every month where we can geek out, learn, and socialize. Until next month fellow Shad0ws!

 

Icons made by Smashicons from www.flaticon.com is licensed by CC 3.0 BY