The Application Security Podcast
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Principal Application Security Architect focused on Threat Modeling at Aquia.
The Application Security Podcast
The Threat Modeling Manifesto – Part 1
This is part one of the story of a diverse group of security and privacy people that love threat modeling and gathered to define threat modeling, encourage people to threat model, help them succeed, and change the world. This is our story of the Threat Modeling Manifesto. Our intention is to share a distilled version of our collective threat modeling knowledge in a way that should inform, educate, and inspire other practitioners to adopt threat modeling as well as improve security and privacy during development.
We developed this Manifesto after years of experience thinking about, performing, teaching, and developing the practice of, Threat Modeling. We have diverse backgrounds as industry professionals, academics, authors, hands-on experts, and presenters. We bring together varied perspectives on threat modeling. Our ongoing conversations, which focus on the conditions and approaches that lead to the best results in threat modeling, as well as how to correct when we fail, continue to shape our ideas.
The working group of the Threat Modeling Manifesto consists of individuals with years of experience in threat modeling for security or privacy.
- Zoe Braiterman
- Adam Shostack
- Jonathan Marcil
- Stephen de Vries
- Irene Michlin
- Kim Wuyts
- Robert Hurlbut
- Brook S.E. Schoenfield
- Fraser Scott
- Matthew Coles
- Chris Romeo
- Alyssa Miller
- Izar Tarandach
- Avi Douglen
- Marc French
Other episodes on threat modeling:
- Adam Shostack — Remote Threat Modeling
- Kim Wuyts — Privacy Threat Modeling
- Izar Tarandach — Command line threat modeling with pytm
- Stephen de Vries — Threat Modeling with a bit of #Startup
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~