How do you bring context to cybersecurity risks? Tony UV, co-creator of PASTA threat modeling, explains how a risk-centric approach to threat modeling can help you focus and drive your security efforts. This live webinar was first recorded on our LinkedIn page and is an introduction to a risk-centric approach to threat modeling and PASTA threat modeling. We welcome all software and application developers, architects and security professionals to join us in building stronger threat models.

// MORE PASTA RESOURCES AT VERSPRITE //
Learn more about PASTA: https://versprite.com/security-offerings/appsec/application-threat-modeling/
Download an excerpt from Tony's book on PASTA: https://versprite.com/security-testing/risk-based-threat-modeling/
Blog – Threat models as blueprints for threat intelligence and threat intelligence (SOCs): https://versprite.com/blog/threat-intelligence/organizational-threat-models/

CHAPTER:
00:00 Welcome: How to apply PASTA to security operations with Tony UcedaVélez
02:24 What is the PASTA threat modeling method?
03:18 How PASTA works as threat modeling for applications
03:39 How PASTA provides risk context while other threat matrices do not
04:36 Manual threat models vs. threat modeling tools
05:20 How risk-based threat models help security professionals
06:52 CIAC – How to think with CIAC to understand the impact on your business
11:46 How to find the attack surface of your application using
12:50 Bring your PASTA threat model to your penetration testing company
14:55 Gitlab uses PASTA threat modeling for its business
16:21 7 Phases of PASTA slide from the ADDO presentation (All Day DevOps)
17:59 Using PASTA threat models for cryptocurrency/bitcoin and financial institutions
19:28 Outro – Invitation to the cybersecurity training livestream “Cooking with PASTA”
19:40 End

// ABOUT TONY //
Tony UcedaVélez is co-creator of the Attack Simulation and Threat Analysis Process and CEO of VerSprite. Tony has over 25 years of IT/InfoSec experience across a variety of industries. He is also the OWASP Lead for Atlanta, GA.

Connect with Tony:
LinkedIn: https://www.linkedin.com/in/tonyuv/
Twitter: https://twitter.com/t0nyuv

// FIND VERSPRITE'S CYBERSECURITY TEAM ONLINE //
VerSprite: https://versprite.com/
LinkedIn: https://www.linkedin.com/versprite-llc/
Twitter: https://twitter.com/versprite/
YouTube: https://www.youtube.com/channel/UCpO73NdAEmRl2Z12fgoY_sw

// ABOUT VERSPRITE //
VerSprite is a leading provider of risk-based cybersecurity services and PASTA threat modeling, enabling organizations to improve protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization's cybersecurity posture. With the increasing number and sophistication of cyberattacks, it is important to protect your company's assets and your customers and maintain the same reputation and trust you have worked hard to build. We believe an integrated approach leads to better and more cost-effective security practices and better overall business results.

Visit our website: https://versprite.com/

#ThreatModeling #CybersecurityTraining #Pastathreatmodel

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.