Threat Modeling is a great method to identify potential security flaws, part of any secure design. But instead of investing time + budget in a top-heavy, big-model-up-front threat modeling methodology, we can use a lightweight value-driven approach to embed security right into the agile dev process!

AviD is a high-end, independent security architect and developer, and has been designing, developing and testing secure applications, and leading development teams in building secure products, for