his talk will focus on how org threat models can help to identify supply chain risks for enterprise organizations. This presentation will focus on what organization threat models are, how they incorporate attack surfaces along with threat intel sources and how companies can continuously manage their threat models as part of a blueprint for a security program.