In the video below, Robert Zigweid, senior security consultant at IOActive, talks about threat modeling best practices. The video was recorded at the OWASP AppSec USA 2010 conference.
- How to talk to your team
- When to start threat modeling a project and how often
- Threat modeling and the SDL
- and much more!