It has been quite some time since my last post and my job responsibilities have changed, so I thought I'd say something about what I do now.  As it happens, I no longer work in threat modeling or even application security for that matter.  My new responsibilities are primarily concerned with malicious code investigations.

This, I think, is an important field of work.  As you well know, there is a lot of malware out there.  In my opinion, it is a rather dangerous time because writiers and distributors of malware have found numerous ways of profiting from their malware.  It is not difficult to find stories about extortion (such as threats of DDoS attacks), identity and account theft (credit cards, bank accounts, paypal accounts, etc.), proxy resale (whether it be anonymizing services or spam proxies), and surreptitious adware installation.

My job is concerned with analyzing these threats and taking action to stem their proliferation.  There are many other efforts and other teams with similar goals, but I deal with specific types of malware.  This is something that I will discuss in more detail in the future, but at this point, I primarily wanted to mention my change in focus.