Threat Modeling Cloud Applications: What You Don't Know Will Hurt You
Threat modeling is a critical activity for identifying such vulnerabilities early in the development process. Proper threat modeling requires the identification of application's assets, security controls and attackers. For applications based on Amazon Web Services (AWS), there are subtle differences in the security controls provided by AWS when compared to more traditional data center hosted applications. In this podcast, the speaker discuss the security controls in the AWS components: EC2, S3, EBS and SQS.