What is the OWASP Threat Dragon?


Manage episode 190136385 series 108783
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

In this fire-breathing edition of the Exploring Information Security podcast, I talk to Mike Goodwin the project lead of the OWASP Threat Dragon.

Mike (@theblacklabguy) joins me to discuss his OWASP project Threat Dragon. The project is meant to give developers an easy use tool for performing threat modeling. The project is built on NodeJS and AngularJS. It has a slick easy-to-use interface and Github integration. His roadmap for the project include Bitbucket integration and a rule engine that will help with threat modeling.

In this episode we discuss:

  • What is threat modeling?
  • What led to the idea of Threat Dragon?
  • How does someone get started with the tool?
  • What's the effort on a project like this? (mike[dot]goodwing[at]owasp[dot]org to help)

More resources:

[RSS Feed] [iTunes]

168 episodes available. A new episode about every 7 days averaging 30 mins duration .