In the fifth edition of the Exploring Information Security (EIS) podcast, I talk with J Wolfgang Goerlich, Vice President of Vio Point, about threat modeling.

Wolfgang has presented at many conference on the topic of threat modeling. He suggests using a much similar method of threat modeling that involves threat paths, instead of other methods such as a threat tree or kill chain. You can find him taking long walks and naps on Twitter (@jwgoerlich) and participating in several MiSec (@MiSec) projects and events. 

In this interview Wolfgang covers:

• What is threat modeling?

• What needs to be done to threat model

• Who should perform the threat modeling

• Resources that can be used to build an effective threat model

• The life cycle of a threat model

Leave feedback and topic suggestions in the comment section below.

This post first appeared on Exploring Information Security.