Threat Modeling in the Cloud with Romina Druta & Daniela Cruzes
What are the threats your cloud application and infrastructure are facing? While at NDC Oslo, Richard chatted with Daniela Cruzes and Romina Druta about their work building threat models for cloud-based applications. Daniela discusses how modeling helps to understand security concerns before applications are deployed and attacked - often, security retrofits are time-consuming and expensive, so thinking them through beforehand has enormous benefits. Romina dives into the supply chain side of threats - open-source libraries with backdoors, even down to development tools with malware. There are a lot of threats - but when you look, there are often great solutions as well. You'll need to collaborate with development to secure things, but security isn't optional and is worth fighting for.
RunAs Radio · Daniela Cruzes, Romina Druta, Richard Campbell
Audio is streamed directly from the publisher (cdn.simplecast.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
What are the threats your cloud application and infrastructure are facing? While at NDC Oslo, Richard chatted with Daniela Cruzes and Romina Druta about their work building threat models for cloud-based applications. Daniela discusses how modeling helps to understand security concerns before applications are deployed and attacked - often, security retrofits are time-consuming and expensive, so thinking them through beforehand has enormous benefits. Romina dives into the supply chain side of threats - open-source libraries with backdoors, even down to development tools with malware. There are a lot of threats - but when you look, there are often great solutions as well. You'll need to collaborate with development to secure things, but security isn't optional and is worth fighting for.
Links
Recorded June 12, 2024