(Ab)user Experience: How the dark side of Product and Security can be used for (ab)user stories, (mis)use cases and threat modelling

Hosted by xDesign

Security can often feel like an unapproachable and mysterious part of an organisation – the department of work prevention, the department of “nope.” But it doesn’t have to be that way.

In this talk we will look at the unintended users of a product, the “threat agents”.

By engaging the Security team in the Product process, we can model the dark side of use cases and user stories through threat modelling techniques. This can help demystify impenetrable security NFRs through concrete examples of how these threat agents may try to misuse your shiny new digital product.


Who this event will benefit

  • Those building products/apps exposed to the web
  • People who are wanting to build out an awareness of the possible attack vector use cases (i.e. how might you be attacked)
  • People who need to write that down as a set of requirements to help build a DevSecOps approach in projects



Jeff Watkins, Chief Product and Technology Officer at xDesign

Jeff is a technology leader, blogger, public speaker, coder and architect with over 20 years’ experience within the IT industry, working across the public and private sectors. A self-confessed “lifetime technologist” – having started coding when he was six years old – Jeff’s career has taken him from working for household name organisations in financial services to healthcare and retail in various roles. Aside from being xDesign’s CPTO, Jeff is really passionate about CyberSecurity (having previously spoken at LDF on the future of CyberCrime) and is currently studying for a Masters degree on the topic.

Jeff has delivered talks across the country to share his expertise, insight, and join the many debates within the tech space, covering technical topics through his extensive software delivery experience, as well as business- and people-centric topics through knowledge gained in technology leadership roles.


Lianne Potter, Cyber Anthropologist at The AnthroSecurist

Lianne is an award-winning cyber anthropologist and security transformation leader with experience in the retail, healthcare, finance, private and non-profit sectors.

Her consultancy, The AnthroSecurist, enables teams in complex organisations to understand each other’s motivations, identify barriers that have prevented good security practices in the past, and provide practical steps and insights to increase collaboration between the security team and the rest of the organisation.

Lianne is also the Head of SecOps for the largest greenfield technology project in Europe where she builds strategies to create sustainable security cultures throughout the organisation.

As a respected speaker, Lianne has delivered talks across the globe to share her vision for a new type of security function. Drawing upon her expertise as an anthropologist, her practical experience as a security-focused software developer and as a security practitioner; Lianne combines the human and the technical aspects of security to evangelise a cultural security transformation.

Cyber Security
(Ab)user Experience: How the dark side of Product and Security can be used for (ab)user stories, (mis)use cases and threat modelling
21st Sep 2022 4:00pm - 6:00pm
Hosted by xDesign
Platform (Rooms A&B), New Station St, Leeds LS1 4JB

All events

All sponsors