In this fire-breathing edition of the Exploring Information Security podcast, I talk to Mike Goodwin the project lead of the <a target="_blank" href="https://github.com/mike-goodwin/owasp-threat-dragon">OWASP Threat Dragon</a>.Mike (<a target="_blank" href="https://twitter.com/theblacklabguy">@theblacklabguy</a>) joins me to discuss his <a target="_blank" href="https://www.owasp.org/index.php/OWASP_Threat_Dragon">OWASP project Threat Dragon</a>. The project is meant to give developers an easy use tool for performing threat modeling. The project is built on NodeJS and AngularJS. It has a slick easy-to-use interface and Github integration. His roadmap for the project include Bitbucket integration and a rule engine that will help with threat modeling.In this episode we discuss:<ul><li>What is threat modeling?</li><li>What led to the idea of Threat Dragon?</li><li>How does someone get started with the tool?</li><li>What's the effort on a project like this? (mike[dot]goodwing[at]owasp[dot]org to help)</li></ul>More resources:<ul><li><a target="_blank" href="https://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998">Threat Modeling: Designing for Security</a> by Adam Shostack</li></ul>













 [<a target="_blank" href="http://www.timothydeblock.com/eis?format=rss">RSS Feed</a>] [<a target="_blank" href="https://itunes.apple.com/us/podcast/eis-podcast-timothy-de-block/id1026428940">iTunes</a>]

How to implement the CSF from NIST

The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.