Architecture Risk Assessment

Attack Surface Analysis the key to Cyber Risk Management

The role of the CISO is continuing to evolve. Originally CISOs were expected to be tech-savvy security subject matter experts. Today organizations are requiring their CISOs to be business-savvy experts at cyber risk management also. Singularly either one of these … Read More

How ThreatModeler Benefits Key Stakeholders

ThreatModeler Benefits for… Executives / CISOs With ThreatModeler, they’re able to: Meet application security policy objectives by adopting a scalable, repeatable, collaborative, and automated process organization-wide to promote consistency, enforce security requirements, and reduce overall risk exposure. Map application security … Read More

Threat Modeling: Past, Present and Future

Application Threat modeling is a structured and methodical approach that allows you to identify potential threats to applications, classify them by risk, and prioritize mitigation efforts based on the technical and business impact these threats pose to your organization, should … Read More

Comparing ThreatModeler to Microsoft Threat Modeling Tool (TMT)

Recently, several requests have been made by members of the security community asking that MyAppSecurity provide a comparison between our product offering, ThreatModeler, the industry’s first automated, collaborative, scalable, and repeatable threat modeling solution, and Microsoft’s TMT, Microsoft threat modeling … Read More

5 Characteristics of a Successful Threat Modeling Practice

Our past blog posts have covered why organizations need to implement threat modeling and make it an ongoing process, versus treating it as a one-time exercise, and also how IT executives, along with other key stakeholders, benefit from a scalable … Read More

4 Key Reasons Why CISOs Need Threat Modeling

A recent article by CSO magazine highlights key findings from CISOs (Chief Information Security Officers) on how threat modeling helps eliminate blind spots and more complex threat scenarios in their application risk profile. It also provided detail as to how … Read More

7 Benefits of Continuous Threat Modeling

The ever-changing threat landscape requires continuous updating of application threat models, in order for organizations to keep current and to best mitigate their increased risk exposure. Stay current with continuous threat modeling. New attack surfaces and threats are continually introduced, … Read More

Top 5 Reasons to Implement Threat Modeling

Over the past decade, security awareness has increased, but so has the prevalence of powerful tools at the hands of amateurs and experts alike. Other highly prevalent attacks against web applications include cross-site scripting, cross-site request forgery and brute force … Read More

3 Approaches to Threat Modeling

Threat Modeling can be viewed in two different, but related contexts. One is the implementation of security controls by architects that map to security requirements and policy and the other is to reflect all possible known attacks to components or … Read More

Comparison of Threat Modeling Methodologies

Microsoft Threat Modeling Methodology: Stride Threat Model Microsoft’s threat modeling practice aligns with their Trustworthy Computing directive of January 2002 and its primary focus is to help ensure secure software begins during the design phase. In order for an application … Read More