In this episode, Matt Tesauro hosts Adam Shostack to talk about threat modeling - not only what it is but what Adam has learned from teaching numerous teams how to do threat modeling. Learn what makes a good threat model and some news about a new book from Adam to help further the spread of threat modeling with the end goal of more threat modeling and fewer security surprises.  Enjoy!

Show Links:
- Threats Book site: https://threatsbook.com/
- Resources on Adam’s website: https://shostack.org/resources

OWASP Podcast

Threat Modeling using the Force with Adam Shostack - OWASP Podcast e001

WAFs have been with us a while and it's about time someone reconsidered WAFs and their role in AppSec given the cloud-native and Kubernetes landscape. The OWASP Coraza is not only asking these questions but putting some Go code behind their ideas. Should WAFs work in a mesh network? Why create an open source WAF? What's next for the OWASP Coraza project? These and more topics are covered in this episode. I had a great time recording it and I think you'll have the same while listening.

Show Link:
- Coraza Website: https://coraza.io/
- Coraza Github Repo: https://github.com/corazawaf/coraza
- Coraza Twitter: https://twitter.com/corazaio
- AppSec EU 2023 presentation on Coraza - https://www.youtube.com/watch?v=S_TtvDFmia4

2023-04 Rethinking WAFs: OWASP Coraza

Annotations and transcribed highlights: http://www.brainpickings.org/2015/06/16/neil-gaiman-how-stories-last

Recorded at the Long Now Foundation (http://longnow.org/) on June 9, 2015. 

Follow @https://soundcloud.com/longnow and subscribe to the podcast of their excellent seminars on long-term thinking on iTunes: https://itunes.apple.com/us/podcast/seminars-about-long-term-thinking/id186908455?mt=2

MORE / TRANSCRIPT

Neil Gaiman on how stories last

The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.

2023-04 Rethinking WAFs: OWASP Coraza

The OWASP Podcast Series

Related tracks