Refresh of Agile Threat Modeling

Threat modeling is a systems engineering practice where teams examine how data flows through systems to identify what can go wrong - a deceptively simple act that reveals security risks that automated tools cannot anticipate. Often this is done by security analysts as a separate or upfront activity, but Jim Gumbley wrote an article in 2020 explaining how it could be done by teams through small and regular work.
Now Gayathri Mohan has joined Jim to rewrite the article, incorporating what both of them have learned about doing and teaching this practice in the last few years. In particular, they have extended their approach to perform threat modeling with platform teams.