Artwork

Content provided by Anton Chuvakin. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Anton Chuvakin or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

EP215 Threat Modeling at Google: From Basics to AI-powered Magic

26:03
 
Share
 

Manage episode 471848925 series 2892548
Content provided by Anton Chuvakin. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Anton Chuvakin or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Guest:

Topics:

  • Can you walk us through Google's typical threat modeling process? What are the key steps involved?
  • Threat modeling can be applied to various areas. Where does Google utilize it the most? How do we apply this to huge and complex systems?
  • How does Google keep its threat models updated? What triggers a reassessment?
  • How does Google operationalize threat modeling information to prioritize security work and resource allocation? How does it influence your security posture?
  • What are the biggest challenges Google faces in scaling and improving its threat modeling practices? Any stories where we got this wrong?
  • How can LLMs like Gemini improve Google's threat modeling activities? Can you share examples of basic and more sophisticated techniques?
  • What advice would you give to organizations just starting with threat modeling?

Resources:

  continue reading

234 episodes

Artwork
iconShare
 
Manage episode 471848925 series 2892548
Content provided by Anton Chuvakin. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Anton Chuvakin or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Guest:

Topics:

  • Can you walk us through Google's typical threat modeling process? What are the key steps involved?
  • Threat modeling can be applied to various areas. Where does Google utilize it the most? How do we apply this to huge and complex systems?
  • How does Google keep its threat models updated? What triggers a reassessment?
  • How does Google operationalize threat modeling information to prioritize security work and resource allocation? How does it influence your security posture?
  • What are the biggest challenges Google faces in scaling and improving its threat modeling practices? Any stories where we got this wrong?
  • How can LLMs like Gemini improve Google's threat modeling activities? Can you share examples of basic and more sophisticated techniques?
  • What advice would you give to organizations just starting with threat modeling?

Resources:

  continue reading

234 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play