Brett Crawley on Threat Modeling with EoP - Live Session #01

In this episode, Simon Gibbs sits down with Brett Crawley, author of Threat Modeling Gameplay with Elevation of Privilege (EoP), to discuss his book.

We learn about Brett's career journey from software engineering to cybersecurity and gain insights into the importance of threat modeling in software development and the role of his book in facilitating this process. They delve into how the Elevation of Privilege game helps teams identify and mitigate security and privacy threats in modern software development settings.

Key Points:

Brett Crawley’s transition from software engineering to cybersecurity.
The role of Elevation of Privilege in effective threat modeling.
How Brett's book provides examples and support for threat modeling exercises.
The importance of involving diverse team members in threat modeling sessions.
Opportunities for students in cybersecurity and the growing skill gap in the industry.
The significance of conducting threat modeling early in the software development process to avoid costly design flaws.
Practical tips and tools for facilitating remote threat modeling sessions, including the use of Miro boards and JIRA integrations.

Resources:

The Book - https://agilestationery.com/collectio...

Croupier - https://croupier.agilestationery.co.uk/