There is general consensus in the DevSecOps community that threat modeling is a good thing. The sooner in the application development cycle you find a threat the less it costs to fix, and there’s hardly any better way to “shift left” than with threat modeling. So, why...
Take a look at the headlines in any security news outlet and one thing really stands out. There are data breaches everywhere. That happen all the time, to organizations that know better. And it’s not like anyone wants a data breach. In fact, just the opposite is true....
The Value of a Community Marketplace in Democratizing DevSecOps When companies do business, invariably they try to differentiate themselves in some way. Maybe it’s the uniqueness of their offering, the quality of their service or perhaps even their intellectual...
It’s 2023 and the world of application development is slowly but surely migrating from DevOps to DevSecOps. As you probably know, DevSecOps “automates the integration of security at every phase of the software development lifecycle, from initial design through...
As 2022 comes to an end, we’ve definitely seen some major themes emerge with regard to threat modeling. In this year in review, we discuss some of the more important ones. The Ever Expanding Scope of Threat Modeling Perhaps the most recurrent theme in 2022 was the...
