Blog

Explore our latest blogs, where we cover everything from software security and threat modeling to compliance and risk management – covering the topics that matter to you.

Collateral Damage of PII

The Collateral Damage of a Personally Identifiable Information Data Breach

In the previous article in this series on the collateral damage produced by a data breach, we looked at the harm that could result if hackers gained...
Microservices, Containers and Serverless

Modern Cloud Native Architecture: What You Need to Know About Microservices, Containers and Serverless

As more organizations across the major industries migrate to the cloud, architects are finding innovative ways to scale infrastructure and...
ThreatModeler article on Messaging Toolkit for AWS Microservices

Build Scalable AWS Applications and Microservices: Add Messaging to Your Toolbox

Developer toolboxes are the lifeline for architects to thrive within the software development life cycle (SDLC). A toolbox can comprise a number of...
Collateral Damage of a Data Breach to Health Data

Collateral Damage of an Electronic Health Records Data Breach

In the previous article in the ThreatModeler series about the Collateral Damage of a data breach, we looked at the potential damage that could occur...
Telecom Network Security with ThreatModeler

Telecom Security: Using Network Security Models to Mitigate Threats

Telecom networks tie together and coordinate activity between other critical infrastructures, businesses, government agencies, and individuals. In our...
Penetration Testing

Threat Model for Security Penetration Testing

Penetration testing involves teams who conduct technical and process hacks. Web application penetration testing, for example, involves the enlistment...
Collateral Damage Fallout Data Breach

Collateral Damage of a Data Breach

Not even the biggest companies in the world are 100% secure from a data breach. From the Equifax data breach of 2017, to the Capital one data breach...
Serverless Computing ThreatModeler Article

How Serverless Can Save on CI/CD Time and Cost

Going serverless means departing from a traditional, on-premise server infrastructure, and migrating to third-party, cloud-hosted applications and...
Application Threat Modeling

Designing for Security With Threat Modeling

Within the context of information security, application threat modeling seeks to identify, understand and communicate threat information to security...