The Threat Modeling Podcast
Chris Romeo is going on a journey. A journey to understand threat modeling at the deepest levels. He thought he understood threat modeling but realized he could go deeper. Chris shares his findings and talks with some of the best-known experts in the space to experience continuous learning. Join along for the ride -- you will learn something.
Chris Romeo is the CEO of Devici (THE Threat Modeling Company) and a General Partner at Kerr Ventures.
Episodes
11 episodes since 2023
Gavin Klondike -- Threat modeling for large language model applications
In this episode of the Threat Modeling Podcast, host Chris Romeo takes listeners on a journey through the intricate world of threat modeling. Joined by senior security consultant Gavin Klondike, the episode delves into Gavin's experiences and i...
August 02, 2024
•
Episode 10
•
51:01
Nandita Rao Narla -- Privacy Threat Modeling Wins, Losses, and Tools
In this podcast episode, Nandita Rao Narla explores the reasons why privacy threat modeling programs often fail, such as being expensive with a lot of friction in the development lifecycle, misalignment with organizational strategies focused on...
May 15, 2024
•
Season 1
•
Episode 9
•
7:08
Nandita Rao Narla -- Privacy Threat Modeling
Nandita Rao Narla introduces the basics of privacy in software. She discusses privacy threats, privacy threat modeling, and privacy by design. Suppose you write or handle software that touches user information. In that case, you need to underst...
January 23, 2024
•
Season 1
•
Episode 8
•
8:47
Akira Brand -- Gaining Experience by Threat Modeling
Akira Brand joins Chris to talk about her journey into threat modeling, her early experiences, some lessons learned, and how she knew her threat model was successful. Akira's experiences emphasize the importance of collaboration, understanding ...
September 28, 2023
•
Season 1
•
Episode 7
•
12:09
Dr. Michael Loadenthal -- Intersectional, Harm Reduction Approach to Threat Modeling
Dr. Michael Loadenthal specializes in threat modeling beyond the conventional realm of technology. Companies today face multifaceted challenges, including political, legal, and technical threats. Solutions to these problems can also be varied. ...
August 24, 2023
•
Season 1
•
Episode 6
•
19:35
A Comprehensive Threat Modeling Strategy
The AppSec community agrees that threat modeling is essential, but many struggle to implement it effectively. Using insight from the LinkedIn community, Chris lays out a comprehensive Threat Modeling strategy to guide AppSec teams to success in...
August 08, 2023
•
Season 1
•
Episode 5
•
7:48
Software-Centric Threat Modeling
Engineering-led, developer-focused, or software-centric threat modeling: they all have software in common. Composing software into functions through the user story's lens is important. Farshad Abasi shares his journey from being a software engi...
July 11, 2023
•
8:47
Product-led threat modeling
What is the connection between threat modeling and product development? How can you apply lean product management and focus on understanding the user's needs while still threat modeling? Prepare to explore product-led threat modeling.The...
June 06, 2023
•
16:04
The Four Question Framework with Adam Shostack
In this episode, we discuss the four-question framework for threat modeling with its creator, Adam Shostack. We dive deep into the meaning and purpose of each question and how they simplify the threat modeling process. The four questions are: 1...
May 10, 2023
•
12:00
What is the Essence of Threat Modeling?
In episode one of the Threat Modeling podcast, host Chris Romeo explores various definitions of threat modeling gathered from industry experts. The podcast discusses whether risk assessment and threat modeling are the same, the essence of threa...
April 26, 2023
•
7:39
The Threat Modeling Podcast -- Coming Soon!
On this podcast, we'll journey together into the world of threat modeling. On this journey, we'll learn the history of threat modeling, hear from influential folks, explore the available methodologies and tools, and have fun. My nam...
April 04, 2023
•
2:17