In this episode of the Threat Modeling Podcast, host Chris Romeo takes listeners on a journey through the intricate world of threat modeling. Joined by senior security consultant Gavin Klondike, the episode delves into Gavin's experiences and insights into threat modeling, particularly in the context of artificial intelligence and machine learning. Gavin shares a detailed case study, discussing methodologies, strengths, weaknesses, and the importance of holistic threat modeling processes. The...

In this podcast episode, Nandita Rao Narla explores the reasons why privacy threat modeling programs often fail, such as being expensive with a lot of friction in the development lifecycle, misalignment with organizational strategies focused on compliance rather than risk, and difficulty demonstrating a clear return on investment. Nandita highlights some successful strategies, including leveraging existing security threat modeling resources, simplifying the approach for better adoption like A...

Nandita Rao Narla introduces the basics of privacy in software. She discusses privacy threats, privacy threat modeling, and privacy by design. Suppose you write or handle software that touches user information. In that case, you need to understand privacy, how to assess and mitigate privacy concerns, and know when to implement privacy concerns into a design. This episode of the Threat Modeling Podcast is the perfect primer to raise awareness of the critical role privacy concerns should play...

Akira Brand joins Chris to talk about her journey into threat modeling, her early experiences, some lessons learned, and how she knew her threat model was successful. Akira's experiences emphasize the importance of collaboration, understanding the application, and using tools and diagrams to aid the process. Akira is a visual thinker and draws parallels between surgical checklists and the STRIDE model. Akira emphasizes the importance of a comprehensive approach, likening the STRIDE model to...

Dr. Michael Loadenthal specializes in threat modeling beyond the conventional realm of technology. Companies today face multifaceted challenges, including political, legal, and technical threats. Solutions to these problems can also be varied. A comprehensive threat model should consider many dimensions, such as political, legal, ethical, and social. Whether advising activist groups or high-profile individuals, Dr. Loadenthal emphasizes a comprehensive understanding of the threat landscape...

The AppSec community agrees that threat modeling is essential, but many struggle to implement it effectively. Using insight from the LinkedIn community, Chris lays out a comprehensive Threat Modeling strategy to guide AppSec teams to success in this critical discipline. Before starting, consider the organization's culture, tech debt, and current risk posture. Threat modeling will not be successful in an organization that doesn't prioritize security! Tie threat modeling to the success of the...

Engineering-led, developer-focused, or software-centric threat modeling: they all have software in common. Composing software into functions through the user story's lens is important. Farshad Abasi shares his journey from being a software engineer to forming a global AppSec team at HSBC Bank. Farshad expresses the importance of asset-based threat modeling and the need to keep things simple. He emphasizes the importance of focusing on the user story and considering the "comma, but" scenario...

What is the connection between threat modeling and product development? How can you apply lean product management and focus on understanding the user's needs while still threat modeling? Prepare to explore product-led threat modeling. The conversation delves into the importance of taking responsibility for security and using the language of the teams being influenced. Michal shares his process for conducting a threat modeling session, including using rapid risk assessment and STRIDE...

In this episode, we discuss the four-question framework for threat modeling with its creator, Adam Shostack. We dive deep into the meaning and purpose of each question and how they simplify the threat modeling process. The four questions are: 1) What are we working on? 2) What can go wrong? 3) What are we going to do about it? 4) Did we do a good job?  Adam explains that these questions are not a methodology but a foundation for a more practical approach to threat modeling. We also discuss...

In episode one of the Threat Modeling podcast, host Chris Romeo explores various definitions of threat modeling gathered from industry experts. The podcast discusses whether risk assessment and threat modeling are the same, the essence of threat modeling, collaboration and documentation, identifying and mitigating threats early, the Five W's and an H approach, structured brainstorming, and proactive security. The Threat Modeling Manifesto's definition is favored by Chris, which states that...

On this podcast, we'll journey together into the world of threat modeling. On this journey, we'll learn the history of threat modeling, hear from influential folks, explore the available methodologies and tools, and have fun.  My name is Chris Romeo, and I've been threat modeling my entire 25+ year career in security. In addition, I host other podcasts, including the Application Security Podcast and the Security Table. The AppSec Podcast is an interview format where my co-host Robert Hurlbut...