42 min listen
Unavailable
ratings:
Length:
47 minutes
Released:
May 28, 2013
Format:
Podcast episode
Description
In this episode...
John discusses some of the foundational principles of Threat Modeling
We talk about why threat modeling is like your time in high school
We discuss why threat modeling is such an incredibly important tool to the enterprise
John gives us some nuggets of his experience with threat modeling enterprise applications
Guest
John Steven ( @m1splacedsoul ) - John Steven is the Internal CTO at Cigital with over a decade of hands-on experience in software security. John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction as a trusted advisor to many multi-national corporations. John’s keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. John holds a B.S. in Computer Engineering and an M.S. in Computer Science both from Case Western Reserve University.John is known for his in-depth work in software security, his expertise in the field of threat modeling, and his snarkcasm. If you don't follow John on Twitter or haven't attended one of the talks he's been known to give occasionally - I recommend you do so.
John discusses some of the foundational principles of Threat Modeling
We talk about why threat modeling is like your time in high school
We discuss why threat modeling is such an incredibly important tool to the enterprise
John gives us some nuggets of his experience with threat modeling enterprise applications
Guest
John Steven ( @m1splacedsoul ) - John Steven is the Internal CTO at Cigital with over a decade of hands-on experience in software security. John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction as a trusted advisor to many multi-national corporations. John’s keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. John holds a B.S. in Computer Engineering and an M.S. in Computer Science both from Case Western Reserve University.John is known for his in-depth work in software security, his expertise in the field of threat modeling, and his snarkcasm. If you don't follow John on Twitter or haven't attended one of the talks he's been known to give occasionally - I recommend you do so.
Released:
May 28, 2013
Format:
Podcast episode
Titles in the series (100)
DtSR Episode 144 - Insights from the ISC2 2015 Survey: In this episode... David Shearer, Executive Director for ISC2 joins us to talk about the results of the ISC2 2015 Information Security Workforce Study We ask David to highlight some of the results We discuss how malware and application... by Backpacking Light Magazine Podcasts