Sign up to save your podcasts
Or
Share Threat Modeling w. Adam Shostack
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Threat Modeling w. Adam Shostack
What does it take to transform cybersecurity from reactive patch management to proactive secure design? Adam Shostack, the world's leading expert on threat modeling, takes us inside Microsoft during its pivotal security transformation in the early 2000s and reveals how those lessons shaped FDA's approach to medical device cybersecurity today.
From the auto-run vulnerability that infected millions of computers monthly to creating the STRIDE methodology now used worldwide, Adam shares the origin stories behind fundamental cybersecurity practices. He explains how threat modeling evolved from expert-driven whiteboard sessions to systematic, scalable processes that any engineering team can implement.
Shannon and Adam explore the critical difference between risk management and threat modeling in design, why "pouring concrete and then wondering about properties" fails in cybersecurity, and how FDA's pre-market guidance ensures patient safety while fostering innovation. They dive deep into the four key questions every threat modeler must answer and why starting threat modeling with a simple napkin sketch can prevent costly architectural changes later.
Key Topics:
Microsoft's trustworthy computing transformation and lessons learned
The invention and evolution of STRIDE methodology for systematic threat analysis
How FDA adopted threat modeling for medical device cybersecurity regulation
The fundamental difference between threat modeling and risk management
Why current approaches to software understanding and composition analysis fall short
Practical advice for scaling threat modeling across organizations
The future of threat modeling with AI assistance
Timestamps:
[00:00] Microsoft's security crisis and transformation
[07:03] The auto-run story and data-driven decision making
[14:10] Birth of scalable threat modeling and STRIDE methodology
[23:43] FDA's systematic approach to adopting threat modeling
[32:41] Engineering fundamentals vs. risk management in cybersecurity
[42:49] The software understanding problem and why it's so hard
[55:20] Innovation vs. regulation balance in different industries
[57:21] Rapid fire: Current projects, heroes, and startup advice
[1:02:05] Scaling threat modeling and AI integration
Connect with Shannon:
LinkedIn: https://www.linkedin.com/in/shannonlantzy/ Website: https://www.shannonlantzy.com/
Connect with Adam:
Website: shostack.org
Books: "Threat Modeling: Designing for Security" and "Threats: What Every Engineer Should Learn from Star Wars"
View all episodes
By Shannon LantzyWhat does it take to transform cybersecurity from reactive patch management to proactive secure design? Adam Shostack, the world's leading expert on threat modeling, takes us inside Microsoft during its pivotal security transformation in the early 2000s and reveals how those lessons shaped FDA's approach to medical device cybersecurity today.
From the auto-run vulnerability that infected millions of computers monthly to creating the STRIDE methodology now used worldwide, Adam shares the origin stories behind fundamental cybersecurity practices. He explains how threat modeling evolved from expert-driven whiteboard sessions to systematic, scalable processes that any engineering team can implement.
Shannon and Adam explore the critical difference between risk management and threat modeling in design, why "pouring concrete and then wondering about properties" fails in cybersecurity, and how FDA's pre-market guidance ensures patient safety while fostering innovation. They dive deep into the four key questions every threat modeler must answer and why starting threat modeling with a simple napkin sketch can prevent costly architectural changes later.
Key Topics:
Microsoft's trustworthy computing transformation and lessons learned
The invention and evolution of STRIDE methodology for systematic threat analysis
How FDA adopted threat modeling for medical device cybersecurity regulation
The fundamental difference between threat modeling and risk management
Why current approaches to software understanding and composition analysis fall short
Practical advice for scaling threat modeling across organizations
The future of threat modeling with AI assistance
Timestamps:
[00:00] Microsoft's security crisis and transformation
[07:03] The auto-run story and data-driven decision making
[14:10] Birth of scalable threat modeling and STRIDE methodology
[23:43] FDA's systematic approach to adopting threat modeling
[32:41] Engineering fundamentals vs. risk management in cybersecurity
[42:49] The software understanding problem and why it's so hard
[55:20] Innovation vs. regulation balance in different industries
[57:21] Rapid fire: Current projects, heroes, and startup advice
[1:02:05] Scaling threat modeling and AI integration
Connect with Shannon:
LinkedIn: https://www.linkedin.com/in/shannonlantzy/ Website: https://www.shannonlantzy.com/
Connect with Adam:
Website: shostack.org
Books: "Threat Modeling: Designing for Security" and "Threats: What Every Engineer Should Learn from Star Wars"