Veteran startup CTO and author focused on bringing security and privacy to customers. Currently doing so at Microsoft.
From BruCON 2016
Everyone knows you ought to threat model, but in practical reality it turns out to be tricky. If past efforts to threat model haven't panned out, perhaps part of the problem is confusion over what works, and how the various approaches conflict or align. This talk captures lessons from years of work helping people throughout the software industry threat model more effectively. It's designed to help security pros, developers and systems managers, all of whom will leave with both threat modelling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.