Enterprise Threat Modeling

Shadow IT and IoT Cybersecurity

White House Cybersecurity Coordinator Rob Joyce says IoT cybersecurity is a significant issue. In part, the issue is caused by a lack of responsible party. According to Joyce, it is difficult at best to know who is patching what and … Read More

How to Implement Enterprise DevSecOps

Enterprise DevSecOps is the union of Agile development, security, and operations. Organizations have experienced some notable success in integrating two of the three pillars of long-term competitive advantage and strategy, alternately benefitting from DevSec, SecOps, and DevOps with each of … Read More

Enterprise DevSecOps is Security at Scale

Enterprise DevSecOps comes from enterprise threat modeling across the comprehensive attack surface. Both seek to infuse security’s perspective end-to-end throughout the enterprise DevOps environment. In our previous article on implementing DevSecOps through rolling out an enterprise threat modeling process, we … Read More

Better Cloud Security with just One Step

When automobiles first came off Henry Ford’s assembly line, they were a novelty. They were a status symbol for the wealthy who wanted to flaunt their free capital. Few would have believed in those early years that the automobile and … Read More

Enterprise Threat Modeling Quantifies Risk

An ad hoc, per-application threat modeling practice is a good start. After all, bringing secure coding considerations into the application design process makes creating secure, functional products on tight agile time frame much more efficient. Over the years, ad hoc … Read More