Threat Modeling Vs The Bottom Line: What's the ROI?

Threat Modeling Vs. The Bottom Line: What's the ROI?

In a rare opportunity with our partners, TachTech, we’re hosting Jimmy Sanders, Head of Information Security at Netflix, as he meets three leading authorities on threat modeling who will pitch it against the bottom line.

Thursday 22nd April: 09:30 PT / 12:30 ET / 17:30 BST

Save your place

Regardless of whether security budgets are being boosted or squeezed, the same questions around ROI are pertinent when it comes to purchasing conversations (…this is also true of threat modeling).

Join us as we get to the centre of it all

Whether you’re someone who wants to know more about the value of threat modeling and secure design, or the person who has to have the answer to these questions, don’t miss this! 

Meet the speakers

Jimmy Sanders

Head of Information Security

Netflix, DVD

Jimmy Sanders is a well-respected and well-known member of the security community, both as an ISSA chapter president (San Francisco Bay Area), but as a board member of the ISSA International Board of Directors and the Information Security Leaders Foundation.

Stephen de Vries

CEO and Co-Founder


Stephen is an active contributor to a number of OWASP projects and once led the OWASP Java Project. Throughout his career as a security consultant and CEO, he has helped global organisations build security into their development processes.


Izar Tarandach

Principal Security Engineer


A long-time security and continuous threat modeling practitioner, Izar is co-author of the recent book release, the O’Reilly Threat Modeling: A Practical  Guide for Development Teams’. He has implemented the continuous threat modeling methodology throughout his career and also created a Pythonic framework for threat modeling, pytm.

Fraser Scott

VP Product


Fraser has recently joined IriusRisk from Capital One, where he was responsible for the adoption and implementation of enterprise threat modeling. With his background in DevOps and Cloud Security, he has created several experimental open-source projects including the OWASP Security Project, and Threatspec.