Adam Shostack -- Fast, cheap and good threat models
The Application Security Podcast
00:00
Threat Modelling
The three things, the fast, cheap and good threat models you're talking about are good. But fortunately, unfortunately, that's almost like something you you can kick off as a conversation over lunch when you're not teaching. We have these structures and methodologies, like stride or kill chains in the four questions, that give us a lot of ways to be structured and systematic in how we thret model. Unfortunately, those make thret modelling heavy weight, slow and expensive. Fortunately, we've got faster, cheaper ways that we can do it. And so if people come away from that with this belief that to threat model, as robert said, you need an expert and they have
Transcript
Play full episode
