Adam Shostack Threat Modeling 5 Minute AppSec

Automatic TRANSCRIPT

if you've done anything with threat modeling you've heard of adam show stack and on this five minute knapsack we asked adam a very simple question why would anybody ever threat model you know it's a great question threatened modeling is fundamentally the best way to make sure that you're security activities are structured systematic and comprehensive by asking what are we working on on you could make sure that the things that you're working on are getting considered by using a structured approached asking what can go wrong likes dried or attack trees or killed chain you've been systematically dramatically go subaru each of these elements of you're system to make sure you've thought about security and that could inform vian entire remainder of your apps that program program and activities if you don't scratch model you're shooting in the dark and hoping to hit the right things stay tuned for our next episode where you'll hear the full interview we did with adam on the topic of threat modeling layer eight or looking at threat modeling from the human problem perspective and if you ever wonder what happens behind the scenes here at the application security podcast continue listening for are first attempt at recording this five

Coming up next