Threat Modeling... ranks right up there with Risk Assessments in importance... You gotta figure out how the applications you're creating or the systems you're engineering are secure. It really takes knowing your application and really, knowing the enemies/factors that can cause your application to fail, from santizing inputs on a web app, to making sure that your code doesn't have use-after-free bugs.
Brakeing Down Security talked about conducting threat modeling and application reviews with Lee Brotherston (@synackpse) from Leviathan Security (@LeviathanSecurity) this week. We discuss types of risk analysis, including one named 'Binary Risk Analysis', which may simplify assessment of your computer systems.
Show notes = https://docs.google.com/document/d/1K-eycek2Xud7loVC4yrHg6eHCY0oyztV_ytbY433oYk/edit?usp=sharing