Architecturally-based process flow diagrams help organizations understand their attacker population

Architecturally-Based Process Flow Diagrams

Threat modeling is catching on. Increasingly organizations are realizing that securing DevOps projects as early as possible – preferably during the initial white boarding – not only reduces risk, it makes good business sense. For some time now agile DevOps workflows have included static and dynamic scans, issue tracking, and other tools to help ensure[…]

Application Threat Model PFD - Process Flow Diagram

Threat Modeling – Data Flow Diagram vs Process Flow Diagram

Threat modeling for information and IT system security entered the cyber security mainstream in the early 2000s. Initially, the discipline borrowed its analytic concepts from other, more mature, fields. Threat trees, attacker profiles, and risk-analysis – foundational concepts in modern threat modeling – all had their theoretical beginnings in more mature analytic fields. The same[…]