Episode 1

Is Threat Modeling Still Relevant in the Age of AI?

Threat modeling has been a cornerstone of application security for decades — but is it still relevant in the era of AI-assisted development? In this episode of AppSec.FM, Jerry Hoff talks with Amir Kavousian about how threat modeling must evolve to keep pace with modern software practices.

Highlights:

  • Why threat modeling is still essential for AppSec.
  • How AI-assisted development changes risk considerations.
  • Continuous threat modeling as a living document.
  • The role of compliance and legal in secure design.
  • Automating threat modeling to scale with modern pipelines.
  • Applying threat modeling to both new and legacy applications.
  • The business value of integrating threat modeling into security programs.

Guest Links:

https://www.linkedin.com/in/amir-kavousian/

https://www.devarmor.com/

Next Episode All Episodes

About the Podcast

Show artwork for AppSec
AppSec

Listen for free

About your host

Profile picture for Jerry Hoff

Jerry Hoff

For the past two decades, I’ve been on the front lines of application security, leading teams, teaching thousands of developers, and helping shape how organizations around the world defend their software. Along the way I’ve held leadership roles at Aspect Security, WhiteHat Security, Sony Electronics, and NTT, always with the same goal: making technology safer.

Today I run AppSec Training, a boutique company dedicated to transforming security education into something practical, engaging, and impactful.

And now, through AppSec.FM, I get to do what I love most: connect with the brightest minds in cybersecurity, uncover their stories, and explore how we can secure software in an era defined by AI, rapid innovation, and relentless new threats.