If you enjoy listening to my podcast, please take a minute to leave a review here!
My guest today is Adam Shostack. Adam is a consultant, entrepreneur, technologist, game designer, and author of the book Threat Modelling: Designing for Security.
I invited Adam to talk security and discuss a concept he designed that is called threat modelling. I love the simplicity of the concept and appreciate the fact that Adam understands the complexity of security and was able to distill it into an actionable security program.
Our conversation is versatile, covering technical areas and goes up to the board level. If you have an interest in making security simple, and if your instinct tells you that defense is the new offence, you will enjoy listening to this podcast episode.
Major Take-Aways From This Episode:
- What is Threat Modelling and why CIOs need to do it?
- The definition of STRIDE Concept.
- What are the common traps associated with STRIDE?
- How does Threat Modelling differ from the similar government-style programs?
- What questions you need to ask when you threat model?
- Why is it important for CIOs to threat model and how does it help with communication at the board level?
About Adam Shostack
Adam is a consultant, entrepreneur, technologist, author and game designer. He’s a member of the BlackHat Review Board, and helped found the CVE and many other things. He’s currently helping a variety of organizations improve their security, and advising startups as a Mach37 Star Mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security.
How to get in touch with Adam Shostack
- More information about Adam Shostack can be found at his website: https://adam.shostack.org/
- Threat Modelling: Designing for Security, Adam Shostack
- Checklist Manifesto, Atul Gawande
Leave a Review
If you enjoyed this episode, then please consider leaving an iTunes review here
Click here for instructions on how to leave an iTunes review if you’re doing this for the first time.
* Outro music provided by Ben’s Sound