Exploring Information Security

View Original

What is threat modeling?

Originally posted August 13, 2014.

In the fifth edition of the Exploring Information Security (EIS) podcast, I talk with J Wolfgang Goerlich, Vice President of Vio Point, about threat modeling.

Wolfgang has presented at many conference on the topic of threat modeling. He suggests using a much similar method of threat modeling that involves threat paths, instead of other methods such as a threat tree or kill chain. You can find him taking long walks and naps on Twitter (@jwgoerlich) and participating in several MiSec (@MiSec) projects and events. 

In this interview Wolfgang covers:

  • What is threat modeling?
  • What needs to be done to threat model
  • Who should perform the threat modeling
  • Resources that can be used to build an effective threat model
  • The life cycle of a threat model

Your browser doesn't support HTML5 audio

What is threat modeling? With Wolfgang Georlich

[RSS Feed] [iTunes]