Today we are going to be talking about - OWASP Threat Dragon - and our guests are Mike Goodwin, the founder, and Jon Gadsden, a major contributor to the project.
Threat Dragon is a popular, free tool used for threat modeling, including diagramming, threat identification, mitigation and report generation.
Mike is the VP of Product Security and Architecture and Technical Fellow at Sage Software - a FTSE100 company providing accounting, payroll and HR software to businesses in 23 countries worldwide. After short careers as an academic and then as a nuclear engineer, Mike settled into software development about 20 years ago working for a startup, a government corporation and now the UKs largest tech company. After developing an interest in security during a large cloud migration project, Mike moved to a full-time security role six years ago to help build Sage's AppSec program.
Jon is a software engineer with ForgeRock in Bristol, a company that provides Identity and Access Management services. Jon splits his time between security engineering and embedded C/C++ development - he says that he likes it this way because it reminds him that developers are under time pressure and that security engineers require a whole load of tact. Jon has been involved with the open source software community since Linux 2.0.28, and his latest project is helping with Cupcake's OWASP Threat Modeling project.
OWASP Threat Dragon Project Page
Mike's Medium Article
Mike and Jon are interviewed by Shayne Morgan and John L. Whiteman
Follow us, join us, be us: