ASW #229 - Nick Selby - podcast episode cover

ASW #229 - Nick Selby

Application Security Weekly (Audio)
Feb 14, 20231 hr 21 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Organizations spend hundreds of work hours to build applications and services that will benefit customers and employees alike. Whether the application/service is externally facing or for internal use only, it is mandatory to identify and understand the scope of potential cyber risks and threats it poses to the organization. But where and how do you start with an accurate threat model? Nick can discuss how to approach this and create a model that's useful to security and developers alike.

Segment Resources

https://github.com/trailofbits/publications/blob/master/reviews/2022-12-curl-threatmodel.pdf

 

Reddit's breach disclosure, simple vulns in Toyota's web portals, OpenSSL vulns, voting results for Portswigger's top 10 web hacking techniques of 2022, tiny IoT cryptography implementations, real world migration of a million lines of code

 

 Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Show Notes: https://securityweekly.com/asw229

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
ASW #229 - Nick Selby | Application Security Weekly (Audio) podcast - Listen or read transcript on Metacast