In the fifth edition of the Exploring Information Security (EIS) podcast, I talk with J Wolfgang Goerlich, Vice President of Vio Point, about threat modeling.
Wolfgang has presented at many conference on the topic of threat modeling. He suggests using a much similar method of threat modeling that involves threat paths, instead of other methods such as a threat tree or kill chain. You can find him taking long walks and naps on Twitter (@jwgoerlich) and participating in several MiSec (@MiSec) projects and events.
In this interview Wolfgang covers:
What is threat modeling?
What needs to be done to threat model
Who should perform the threat modeling
Resources that can be used to build an effective threat model
The life cycle of a threat model
Leave feedback and topic suggestions in the comment section below.
This post first appeared on Exploring Information Security.