Down The Security Rabbithole

In this episode... John discusses some of the foundational principles of Threat Modeling We talk about why threat modeling is like your time in high school We discuss why threat modeling is such an incredibly important tool to the enterprise John gives us some nuggets of his experience with threat modeling enterprise applications Guest John Steven ( @m1splacedsoul ) - John Steven is the Internal CTO at Cigital with over a decade of hands-on experience in software security. John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction as a trusted advisor to many multi-national corporations. John’s keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows,