secure online banking

Secure Online Banking with Threat Modeling

Financial institutions are consistently in the top-five list of cyber attack targets, with the greatest increase in data breach risk coming from outside hackers.[i] Customer financial records and associated personally identifying information are high-value commodities on the dark web. Nonetheless, consumers expect banks and other financial institutions to provide secure online services and access. Creating sufficiently[…]

Cloud Security

Better Cloud Security with just One Step

When automobiles first came off Henry Ford’s assembly line, they were a novelty. They were a status symbol for the wealthy who wanted to flaunt their free capital. Few would have believed in those early years that the automobile and its myriad of gasoline and diesel-powered cousins would become iconic staples that would shape global[…]

Enterprise Threat Modeling

Enterprise Threat Modeling Quantifies Risk

An ad hoc, per-application threat modeling practice is a good start. After all, bringing secure coding considerations into the application design process makes creating secure, functional products on tight Agile timeframe much more efficient. Over the years, ad hoc threat modeling has demonstrated its value to organizations from an AppSec perspective. However, attempting to manage[…]

Quantifying Compensating Controls

Quantifying Compensating Controls with ThreatModeler

Compensating controls are cyber security mechanisms put in place to satisfy specific security compliance standards for regulatory purposes[i] or to meet a manufacturer’s guidelines.[ii] Such controls are not intended to be less stringent. Rather, the controls must – at a minimum – satisfy the rigor of the original security requirement.[iii] The purpose of compensating controls[…]