Threat Modeling in 2026

A good threat model is the spine of every credible cybersecurity submission. These episodes go deep on STRIDE, PASTA, attack trees, data flow diagrams, and how to map cybersecurity risk into ISO 14971 risk management. Learn how Blue Goat Cyber and the broader community build threat models that scale across product portfolios and stand up to FDA scrutiny.

This page rounds up every Threat Modeling conversation we've published in 2026 on The Med Device Cyber Podcast. Each episode pairs an experienced practitioner - a regulator, a startup founder, a security researcher, or a quality lead - with our hosts, who've personally led FDA premarket and postmarket cybersecurity submissions for connected medical devices. The result is a working library of frameworks, war stories, and reviewer-tested patterns you can apply to your own 510(k), De Novo, or PMA program.

Use the 2026 archive below to get a sense of how threat modeling expectations are evolving this year - what the FDA is asking for in deficiency letters, which engineering practices the field is converging on, and where reasonable people still disagree. If you want a longer-running view, browse the full Threat Modeling topic page for every episode we've ever published on the subject, or jump to the complete 2026 catalog to see what else aired alongside these episodes.