As your company architects, designs, and develops software, you must think of security at every phase. Security can not be an "add on" at the end of the project. But, how do you get started with building software the right way? You need Threat Modeling!
Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven't quite figured out how to connect the threat models to real world software development and its priorities.
Threat modeling should be part of your secure software design process. Using threat modeling, you can design software in a way that makes security one of the top goals, along with performance, scalability, reliability, and maintenance. Now, who doesn't want source code that is secure, highly scalable, reliable, and maintainable?
In working with your software developers and architects, Robert Hurlbut will help your team learn practical strategies in using Threat Modeling for secure software design and how to apply Risk Management in dealing with the threats.