April 01, 2024

S1E05 - Threat Modeling

1 hour 1 minute

Welcome to the Boring AppSec Podcast! In Episode 5, we dig deep into what threat modeling is from a practitioner's perspective. We compare it with design reviews and discuss when/how/why of threat modeling. In the end, we wrap up by talking about how Gen AI could help threat modeling significantly.

References:

We will try and add information about all the references we make here. Please enter rabbit holes at will :)

Threat modeling manifesto - Threatmodelingmanifesto.org

STRIDE framework - https://en.wikipedia.org/wiki/STRIDE_(security)

Tools for threat modeling

⁠https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool⁠

⁠https://www.iriusrisk.com/threat-modeling/freemium⁠

⁠https://owasp.org/www-project-threat-dragon/⁠

⁠https://excalidraw.com/⁠

⁠https://www.securitycompass.com/sdelements/⁠

Talks on threat modeling

https://www.youtube.com/watch?v=KGy_KCRUGd4⁠

⁠https://www.youtube.com/watch?v=wVSyqFdO-D8⁠

Articles - https://www.scaletozero.com/episodes/understanding-threat-modeling-with-jeevan-singh/

Gen AI related threat modeling tools/companies

Stride GPT- https://stridegpt.streamlit.app/

Nullify - https://www.nullify.ai/

Remysec - https://www.remysec.com/

Seezo - https://seezo.io/

https://www.sarahtavel.com/p/ai-startups-sell-work-not-software

https://github.com/captn3m0/ideas

Contacting Anshuman

LinkedIn: ⁠⁠⁠⁠⁠https://www.linkedin.com/in/anshumanbhartiya/⁠⁠⁠⁠⁠

Twitter: ⁠⁠⁠⁠⁠https://twitter.com/anshuman_bh⁠⁠⁠⁠⁠

Website: ⁠⁠⁠⁠⁠https://anshumanbhartiya.com/⁠⁠⁠⁠⁠

Instagram: ⁠⁠⁠⁠https://www.instagram.com/anshuman.bhartiya/⁠⁠⁠⁠

YouTube: ⁠⁠⁠⁠https://www.youtube.com/@AnshumanBhartiya⁠⁠⁠⁠

Contacting Sandesh

LinkedIn: ⁠⁠⁠⁠⁠https://www.linkedin.com/in/anandsandesh/⁠⁠⁠⁠⁠

Twitter: ⁠⁠⁠⁠⁠https://twitter.com/JubbaOnJeans/⁠⁠⁠⁠⁠

Website: ⁠⁠⁠⁠⁠https://boringappsec.substack.com/⁠⁠⁠⁠⁠

...more

View all episodes

By The Boring AppSec Podcast

April 01, 2024

S1E05 - Threat Modeling

1 hour 1 minute

References:

We will try and add information about all the references we make here. Please enter rabbit holes at will :)

Threat modeling manifesto - Threatmodelingmanifesto.org

STRIDE framework - https://en.wikipedia.org/wiki/STRIDE_(security)

Tools for threat modeling

⁠https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool⁠

⁠https://www.iriusrisk.com/threat-modeling/freemium⁠

⁠https://owasp.org/www-project-threat-dragon/⁠

⁠https://excalidraw.com/⁠

⁠https://www.securitycompass.com/sdelements/⁠

Talks on threat modeling

https://www.youtube.com/watch?v=KGy_KCRUGd4⁠

⁠https://www.youtube.com/watch?v=wVSyqFdO-D8⁠

Articles - https://www.scaletozero.com/episodes/understanding-threat-modeling-with-jeevan-singh/

Gen AI related threat modeling tools/companies

Stride GPT- https://stridegpt.streamlit.app/

Nullify - https://www.nullify.ai/

Remysec - https://www.remysec.com/

Seezo - https://seezo.io/

https://www.sarahtavel.com/p/ai-startups-sell-work-not-software

https://github.com/captn3m0/ideas

Contacting Anshuman

LinkedIn: ⁠⁠⁠⁠⁠https://www.linkedin.com/in/anshumanbhartiya/⁠⁠⁠⁠⁠

Twitter: ⁠⁠⁠⁠⁠https://twitter.com/anshuman_bh⁠⁠⁠⁠⁠

Website: ⁠⁠⁠⁠⁠https://anshumanbhartiya.com/⁠⁠⁠⁠⁠

Instagram: ⁠⁠⁠⁠https://www.instagram.com/anshuman.bhartiya/⁠⁠⁠⁠

YouTube: ⁠⁠⁠⁠https://www.youtube.com/@AnshumanBhartiya⁠⁠⁠⁠

Contacting Sandesh

LinkedIn: ⁠⁠⁠⁠⁠https://www.linkedin.com/in/anandsandesh/⁠⁠⁠⁠⁠

Twitter: ⁠⁠⁠⁠⁠https://twitter.com/JubbaOnJeans/⁠⁠⁠⁠⁠

Website: ⁠⁠⁠⁠⁠https://boringappsec.substack.com/⁠⁠⁠⁠⁠

...more

Share S1E05 - Threat Modeling

Sign up to save your podcasts

S1E05 - Threat Modeling

S1E05 - Threat Modeling