Level Up Your Threat Modeling: Turning Security Into a Team Adventure
Stanley Harris
BSidesSF 2026 · Day 1 · AMC Theatre 10
In this engaging and unconventional talk at BSides SF, Stanley Harris, co-founder and CEO of Catalyst, unveiled an innovative approach to an often-daunting security practice: **threat modeling**. Titled "Level Up Your Threat Modeling: Turning Security Into a Team Adventure," Harris demonstrated how leveraging the collaborative and imaginative framework of Dungeons & Dragons (D&D) can transform dry, unengaging security exercises into captivating team adventures. The presentation posits that by gamifying the threat modeling process, organizations can significantly increase developer engagement, foster cross-functional collaboration, and ultimately build more secure applications.
AI review
A competent, well-structured talk on using gamification to solve the real problem of developer disengagement from threat modeling. Harris has clearly done the work, run the experiments, and has a coherent framework — but this is a practitioner methodology talk, not research, and it lives or dies on whether the audience finds the problem worth solving.