Secure Coding and Threat Modeling
Miriam Celi is a Technical Leader in Humana’s IT Quality Assurance Software Security organization. She’s a software professional with over 20 years of IT industry experience, the last 7 of which have been focused in the security field serving clients in both the public and private sectors.
Over the course of her career, she has worn many hats and performed various roles such as system administration, software development, testing, training, and consulting. Miriam has experience working in large and small corporations, building and supporting enterprise and consumer products. These varied experiences provided great learning opportunities as well as being able to work with customers assisting them in tackling and solving challenging problems.
Miriam has a strong technical background built from experience and education. She has a Master of Science Degree in Computer Science from Florida Atlantic University, a Master’s Degree in Business Administration from Nova Southeastern University, and is an (ISC)² Certified Information Systems Security Professional (CISSP®) and a GIAC Information Security Professional (GISP).
Her areas of expertise include: software security, architecture, design, implementation, deployments, audits, requirements gathering, gap analysis, threat modeling, vulnerability assessments, mitigation planning and incident response.
As our reliance on computer systems, smart devices and the internet has increased over the years, so has the number of attacks on vulnerabilities that have not been taken into consideration during the software development life cycle. Data breaches and other security incidents can damage a company’s reputation and can have serious consequences on the company’s financial position.
In this presentation, the topics of secure coding and threat modeling are discussed along with the most common security risks for web and mobile applications. Secure coding and threat modeling can help software developers build products and services with security in mind. These practices help prevent vulnerabilities early in the software development life cycle, and enhances the application security in a proactive manner, leading to increased customer satisfaction and an improved security posture for the company.