• Ep. 136: Establishing Threat Modeling Practices in your SDLC

  • May 8 2024
  • Length: 18 mins
  • Podcast

  • Summary

    In this episode, Peter Maddison and David Sharrock discuss how to integrate threat modeling into the secure development lifecycle (SDLC) at scale. They cover the importance of shifting security practices left, and how to establish communication channels between development teams and security experts.

    Key takeaways:

    • Threat modeling is a security practice that involves identifying and mitigating potential threats to an organization's assets.
    • Threat models should be created and maintained early in the SDLC, but don't need to be updated for every minor change.
    • A mechanism for ongoing communication between developers and security professionals is essential for effective threat modeling.

    Resources:

    • Sooner Safer Happier by Jonathan Smart - https://www.goodreads.com/en/book/show/50343488
    • Larry Maccherone - https://www.youtube.com/watch?v=EyS1kmmlA5Y
    • Martin Fowler blog - https://martinfowler.com/articles/scaling-architecture-conversationally.html

    Whether you're diving into DevSecOps or just looking to get a handle on threat modeling at scale, this episode is a must-listen. Tune in now as Dave and Peter discuss how to future-proof your organization!
