Ops Vsibility

Improving DevOps Implementations with Greater Ops Visibility

DevOps creates an environment which may be systemically flawed, in part due to a lack of ops visibility into application post-deployment. Ironically, the fundamental, underlying goal of DevOps is to create an environment in which both developers and operators are brought into a collaborative, transparent environment. Cooperative transparency is what gives DevOps its incredible speed[…]

Architecturally-based process flow diagrams help organizations understand their attacker population

Architecturally-Based Process Flow Diagrams

Threat modeling is catching on. Increasingly organizations are realizing that securing DevOps projects as early as possible – preferably during the initial white boarding – not only reduces risk, it makes good business sense. For some time now agile DevOps workflows have included static and dynamic scans, issue tracking, and other tools to help ensure[…]

ThreatModeler JIRA Plugin

Introducing the ThreatModeler JIRA Plugin

SecDevOps is all about pushing security left with tools that automate the integration between security and DevOps teams working in an agile environment. Ideally, that left-shift will go as far as integrating security considerations into the architect’s white boarding stage. Implementing this left-shift with ThreatModeler is rather easy. ThreatModeler’s diagramming canvas works from an architectural[…]

secure online banking

Secure Online Banking with Threat Modeling

Financial institutions are consistently in the top-five list of cyber attack targets, with the greatest increase in data breach risk coming from outside hackers.[i] Customer financial records and associated personally identifying information are high-value commodities on the dark web. Nonetheless, consumers expect banks and other financial institutions to provide secure online services and access. Creating sufficiently[…]