Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
SEI Podcast Series
05/12/2016

Threat Modeling and the Internet of Things

Art Manion, Allen D. Householder

Summary

Threat modeling, which has been popularized by Microsoft in the last decade, provides vulnerability analysts a means to analyze a system and identify various attack surfaces and use that knowledge to bolster a system against vulnerabilities. In this podcast, Art Manion and Allen Householder of  CERT’s vulnerability analysis team, talk about threat modeling and its use in improving security of the Internet of Things.

Watch

Listen

Player Not Available. Download Podcast.

Categories: Vulnerability Analysis

About the Speakers

Art Manion

Art Manion is a senior member of the Vulnerability Analysis team in the CERT Program at the Software Engineering Institute (SEI), Carnegie Mellon University. Since joining CERT in 2001, Manion has studied vulnerabilities, coordinated disclosure efforts, and published advisories, alerts, and vulnerability notes for CERT/CC and US-CERT. Manion currently focuses on vulnerability discovery and other areas of applied research, including ways to automate and improve operational vulnerability response. Prior to joining the SEI, Manion was the Director of Network Infrastructure at Juniata College.

Allen D. Householder

Allen Householder is a senior vulnerability and incident researcher at the SEI’s CERT Division. His recent work includes being the technical lead developer for the CERT Basic Fuzzing Framework, or BFF, and Failure Observation Engine, also called FOE, and research into the security of the Internet of Things. His research interests include applications of machine learning and software and system security, fuzzing, and modeling of information sharing and trust among computer security incident response teams.