 |
DSO OverflowAuthor: Glenn Wilson, and Steve Giguere
In this podcast, we speak with professionals working in cyber security, software engineering and operations to talks about a number of DevSecOps topics. We discuss how organisations factor security into their product delivery cycles without compromising the value of doing DevOps and Agile. Language: en-gb Genres: Science, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
S4Ep10 - Threat modelling with Ashley Ward
Friday, 6 December, 2024
DSO Overflow S4EP10Threat ModellingwithAshley WardIn this month's episode, Steve and Glenn chatted with Ashley Ward to discuss topics around threat modelling.Ashley is a highly experienced CTO at ControlPlan with expertise in cloud-native architectures and cybersecurity, known for leading transformative initiatives across startups and large enterprises, including as Group CTO for a €4.5 billion company. He excels in scaling organisations through agile, FinOps, and DevSecOps, while inspiring teams and engaging with stakeholders at all levels. As a Justice of the Peace since 2017, Ashley brings additional strengths in decision-making, public speaking, and community-focused leadership.In this episode of DSO Overflow, Ashley Ward, CTO at Control Plane, discusses threat modelling in cloud-native environments, security challenges, and the impact of emerging technologies like AI. Ward explains that threat modeling should start with existing knowledge and highlights the benefits of collaborative, iterative approaches. He emphasises involving various teams in the process to account for application, platform, and infrastructure layers. Ward also discusses practical frameworks, such as the CIA triad and STRIDE, and points out the specific challenges in cloud-native threat modelling, like microservices and fast-paced release cycles. Regarding AI, he cautions about the heightened risks, as AI democratises hacking capabilities. Ward advocates for using AI thoughtfully in threat modelling and encourages companies to adopt proactive security strategies. He concludes by encouraging organisations to embrace threat modelling as an evolving, essential practice.Resources mentioned in this podcast:Ashley Ward's LinkedIn profileControlPlane websiteDSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout.This podcast is brought to you by our sponsors: Prisma Cloud, Tigera and ApiiroYour HostsSteve Giguere linkedin.com/in/stevegiguereGlenn Wilson linkedin.com/in/glennwilsonJessica Cregg linkedin.com/in/jessicacregg
