SecAppDev 2026 Faculty
Steven Wierckx
Application Security Consultant, Toreon
I’m an SDLC security specialist with 20+ years of experience in training, programming, security testing, code review, test automation, analysis, development, and database design. I have guided organizations in achieving SDLC compliance for FDA MDR and ISO 27001. I’m passionate about secure development and have helped many teams improve their practices. I regularly speak and train at conferences including OWASP AppSec USA, O’Reilly Security Conference, Hack In The Box Amsterdam, 44CON, BlackHat EU, and BruCON. I have created and taught courses on threat modeling, secure programming, security awareness, and software security testing.
Don't miss out on SecAppDev!
Grab your seat nowThreat modeling with AI
One-day workshop by Steven Wierckx in room West Wing
Thursday June 5th, 09:00 - 17:30
This workshop aims to introduce SecAppDev participants to integrating AI assistance into their threat modeling workflows. Participants will learn how to leverage AI for diagramming, threat identification, and countermeasure recommendations to speed up threat model analysis.
To bring these concepts to life, the workshop includes a guided case study on a Digital Wallet / Payment App, where participants will use AI tools to generate a data flow diagram, identify threats using STRIDE, propose mitigations mapped to industry standards, and summarize findings for business stakeholders.
Learning goal: This session with theorethical points and an integrated exercise provides an engaging, end-to-end view of how AI can support, but not replace, human judgment in threat modeling.