Blog
Explore our latest blogs, where we cover everything from software security and threat modeling to compliance and risk management – covering the topics that matter to you.
The Collateral Damage of a Personally Identifiable Information Data Breach
In the previous article in this series on the collateral damage produced by a data breach, we looked at the harm that could result if hackers gained...
Modern Cloud Native Architecture: What You Need to Know About Microservices, Containers and Serverless
As more organizations across the major industries migrate to the cloud, architects are finding innovative ways to scale infrastructure and...
Build Scalable AWS Applications and Microservices: Add Messaging to Your Toolbox
Developer toolboxes are the lifeline for architects to thrive within the software development life cycle (SDLC). A toolbox can comprise a number of...
Collateral Damage of an Electronic Health Records Data Breach
In the previous article in the ThreatModeler series about the Collateral Damage of a data breach, we looked at the potential damage that could occur...
Telecom Security: Using Network Security Models to Mitigate Threats
Telecom networks tie together and coordinate activity between other critical infrastructures, businesses, government agencies, and individuals. In our...
Threat Model for Security Penetration Testing
Penetration testing involves teams who conduct technical and process hacks. Web application penetration testing, for example, involves the enlistment...
Collateral Damage of a Data Breach
Not even the biggest companies in the world are 100% secure from a data breach. From the Equifax data breach of 2017, to the Capital one data breach...
How Serverless Can Save on CI/CD Time and Cost
Going serverless means departing from a traditional, on-premise server infrastructure, and migrating to third-party, cloud-hosted applications and...
Designing for Security With Threat Modeling
Within the context of information security, application threat modeling seeks to identify, understand and communicate threat information to security...