Threat Modeling

Improving DevOps: Including Legacy Systems

If there is such a thing as “traditional DevOps,” it is a two-dimensional beast. Consider, for example, the relatively simple two-dimensional graph shown below. Let development be represented on the vertical axis and operations be represented on the horizontal. Then … Read More

Improving DevOps: Shifting Security Right

DevOps discussions invariably center on automation – especially those areas that are deemed bottlenecks to getting products out the door. 47% of DevOps organizations currently automate their deployment, followed closely by the build process (44%) and releasing (41%).[1] The next … Read More

Meltdown and Spectre Addressed by ThreatModeler

With Meltdown and Spectre, 2018 could set a new standard for the “year of the cyber-attack.” Getting on top of these critical vulnerabilities will require enterprise threat modeling.  Meltdown and Spectre, recently discovered hardware vulnerabilities affecting chips produced by Intel, … Read More

Why Implement Enterprise Threat Modeling

Threat modeling for critical and high-risk application security has been a mainstay of software development for nearly a decade. The immediate benefits of application threat modeling include reducing application security risk and lowering production costs as potential threats are identified … Read More