Blog
Explore our latest blogs, where we cover everything from software security and threat modeling to compliance and risk management – covering the topics that matter to you.
OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure
Late last month, researchers from cloud security firm Wiz found a new vulnerability that allows Azure users to access cloud databases of other users...
Mirai Botnet Starts Exploiting OMIGOD Security Flaw
Threat actors have started to actively exploit critical Microsoft Azure vulnerabilities, just days after Microsoft disclosed them during September’s...
Threat Modeling is a Process not a Project
Developers are starting to embrace the idea that threat modeling is a best practice as part of the secure development lifecycle (SDLC). And if it is...
Mirai Botnets Found to Exploit OMIGOD Vulnerabilities in Azure
Just a few days after the four OMIGOD vulnerabilities were discovered in Microsoft Azure, researchers on Friday reported that Mirai botnets are either...
Attackers Exploit OMIGOD Flaw in Azure Despite Microsoft Fixes
Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft...
OMIGOD! Azure Vulnerabilities Are Being Exploited
No sooner had the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than half of all Azure instances been...
The Evolving SDLC Paradigm
When considering the evolution of the software development lifecycle, the first thing that comes to mind is the shift from waterfall to agile. The...
Can Threat Modeling Save Lives?
NIST and the FDA think so. It’s hard to find a medical device today that doesn’t use software, have an app or connect to the cloud. And the FDA knows...
The Essential Role of Automated Threat Modeling in DevSecOps
Every developer wants to create secure applications. Unfortunately, there are always some limitations to developing secure applications. And since no...