Hindsight is a wonderful thing and lessons learnt from Implementing a Threat Modeling program is no exception. I am curious to know how organisations from large to small have approached this.
Would love to hear your experience or of others you have worked with on what has worked or working well, or what you may perhaps do differently that you feel would drive a better outcome to your Threat modelling program?
Â