Securing the Future - The Art of Threat Modeling with Paul McCarty

12/07/2024 32 min

Listen "Securing the Future - The Art of Threat Modeling with Paul McCarty "

Descargar episodio Ver en sitio original

Episode Synopsis

In this episode of The Security Repo, we dive deep into the world of threat modelling with Paul McCarty, a veteran in the field of DevSecOps and founder of SecureStack. Paul shares his journey from being a Unix admin to working with high-profile organizations like NASA and GitLab. We explore the essentials of threat modeling, the significance of cloud-native security, and frameworks he has developed for threat modeling like TVPO. Tune in to learn how to stay ahead in the ever-evolving landscape of cybersecurity.

Show Notes
Paul’s GitHub https://github.com/6mile
DevSecOps Playbook - https://github.com/6mile/DevSecOps-Playbook
Secure Code Red training - https://sourcecodered.com/Linkedin - https://www.linkedin.com/in/mccartypaul/

Introduction: 0:00
Pauls Journey: 1:10
the Cloud Native Mission: 2:55
Pauls History with Threat Modeling: 4:00
TVPO Framework for Threat Modeling 6:52
When Should Companies Start Threat Modeling 10:15
When to Threat Model: 12:00
Unique Risks of Threat Modelling Open-Source 13:50
Red Team Code Puppets: 21:48

Best and Worst: 28:00

More episodes of the podcast The Security Repo

The CISO Whisperer Approach: Security Leadership, Empathy, and ‘Dad Bod’ Metrics – Douglas Brush 17/12/2025

Scaling Open Source Observability and Managing Risk in the Software Supply Chain – Avi Press 10/12/2025

Decoding Threat Actor Names: Marketing, Confusion & the MITRE Solution – Jeffrey Bell 03/12/2025

Why Technical CISOs Matter and How AI Is Shaping Security Ops - David Cross on Leading Security 26/11/2025

Identity Risks in Email: Your Inbox Might Be Lying About You – Amy Devine 19/11/2025

From Military Intel to CISO: Navigating Security Leadership in the Age of AI – Darren Desmond 12/11/2025

Mapping the InfoSec Community: Building InfoSecMap & Global Security Events – Martín Villalba 05/11/2025

Supply Chain Warfare: CI/CD Threats and Open Source Security with François Proulx 29/10/2025

Fighting Tool Squatting And Prompt Injection & The Security Gaps In MCP – Srajan Gupta 22/10/2025

Fixing Hiring, Fostering Diversity, and Finding Your Place in Security – Matt Torbin 15/10/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

Securing the Future - The Art of Threat Modeling with Paul McCarty

Listen "Securing the Future - The Art of Threat Modeling with Paul McCarty "

Episode Synopsis

More episodes of the podcast The Security Repo

7 Advices to Prevent Identity Theft

Internet Predators on the prowl

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD