Analyze Endpoint Security

Analyze Endpoint Security with ThreatModeler

The need to analyze endpoint security is becoming an increasing important for organizations. Layered network security defenses are difficult to penetrate. However, once inside the perimeter, legitimate users and adversaries alike have much more freedom of movement. Thus the growing preference for adversarial actors is to conscript the aid of careless or disgruntled insiders –[…]

IoT Cybersecurity

Shadow IT and IoT Cybersecurity

White House Cybersecurity Coordinator Rob Joyce says IoT cybersecurity is a significant issue. In part, the issue is caused by a lack of responsible party. According to Joyce, it is difficult at best to know who is patching what and who is responsible for security. The proliferation of IoT devices that connect to or interact[…]

Implement Enterprise DevSecOps

How to Implement Enterprise DevSecOps

Enterprise DevSecOps is the union of Agile development, security, and operations. Organizations have experienced some notable success in integrating two of the three pillars of long-term competitive advantage and strategy, alternately benefitting from DevSec, SecOps, and DevOps with each of their hybrid emphasis. However, the real benefit to organization’s bottom line and market advantage is[…]

DevSecOps is Security at Scale

Enterprise DevSecOps is Security at Scale

Enterprise DevSecOps comes from enterprise threat modeling across the comprehensive attack surface. Both seek to infuse security’s perspective end-to-end throughout the enterprise DevOps environment. In our previous article on implementing DevSecOps through rolling out an enterprise threat modeling process, we examined the intersection of SecDev’s focus on end-to-end security and SecOps’ focus on processes and[…]