Author Archives: Brian Beyst

How to Implement Enterprise Threat Modeling

Understanding that enterprise threat modeling is the gold standard of threat modeling, enabling CISOs to drive consistent security policy organization-wide, is one thing. Implementing it across the IT ecosystem is quite another. Securing legacy systems, for example, is entirely different … Read More

Improving DevOps: Including Legacy Systems

If there is such a thing as “traditional DevOps,” it is a two-dimensional beast. Consider, for example, the relatively simple two-dimensional graph shown below. Let development be represented on the vertical axis and operations be represented on the horizontal. Then … Read More

Improving DevOps: Shifting Security Right

DevOps discussions invariably center on automation – especially those areas that are deemed bottlenecks to getting products out the door. 47% of DevOps organizations currently automate their deployment, followed closely by the build process (44%) and releasing (41%).[1] The next … Read More

Meltdown and Spectre Addressed by ThreatModeler

With Meltdown and Spectre, 2018 could set a new standard for the “year of the cyber-attack.” Getting on top of these critical vulnerabilities will require enterprise threat modeling. Meltdown and Spectre, recently discovered hardware vulnerabilities affecting chips produced by Intel, … Read More

Why Implement Enterprise Threat Modeling

Threat modeling for critical and high-risk application security has been a mainstay of software development for nearly a decade. The immediate benefits of application threat modeling include reducing application security risk and lowering production costs as potential threats are identified … Read More

DevOps Data-Driven Transformational Leadership

Organizations are increasingly becoming digital-driven. This is no great revelation. The business world is now highly interconnected. Relationships between organizations and their vendors, suppliers, and distributors are now remotely managed across global networks. Customer experience is increasingly impacted by an … Read More

Improving DevOps Implementations with Greater Ops Visibility

DevOps creates an environment which may be systemically flawed, in part due to a lack of ops visibility into application post-deployment. Ironically, the fundamental, underlying goal of DevOps is to create an environment in which both developers and operators are … Read More

IoT Security is an Economic Issue for Everyone

Around the world, reporters are hard at it – writing and watching – as IoT security takes another dark turn with yet another new botnet. The new beast, dubbed IoTroop – sometimes also referred to as Reaper … Read More

How to Improve DevOps with Up-Front QA

Throughout this series on how to improve your DevOps implementation, we have considered how organizations can left-shift security fully into the project design phase and how organizations can establish genuine cross-functional collaboration. In this 3rd of 7 parts, … Read More

How to Create Cross-Functional Collaboration

Organizations seeking to improve performance and their bottom line need look no further than improving their DevOps implementation. Based on survey results from more than 27,000 respondents over a six-year period, organizational performance is directly correlated to how well the … Read More