Mr. Aditya Gupta

Dev Meets Sec: Applying STRIDE to Your First Microservice

Abstract:

Security isn’t just something you patch in later, it has to be part of how you design and build systems from Day 0. Whether you're developing a class project, launching a startup, or deploying to the cloud, thinking like an attacker can save you from real-world failures.

In this talk, we’ll explore how to take a security-first approach to building products, using threat modeling as your starting point. We’ll introduce the STRIDE framework: used by leading companies to uncover threats early and show how it applies to modern apps, from microservices to serverless APIs. We’ll walk through a real-world example so you’ll leave knowing how to model threats in your own project, understand potential risks, and prioritize defenses.

You’ll also learn where to find open-source tools, best practices, and resources to level up your security game. Whether you're a developer or a future founder, this session will help you build systems that are not just scalable, but secure by design.