Jun 30, 2021 | Cloud security, DevOps, Recent News
What’s the easiest way to learn anything new? Don’t start from scratch. This means employing three strategies: 1) Use the skills you already have 2) Take advantage of the latest tools 3) Don’t reinvent the wheel Every time you write a new program, do you use a...
May 27, 2021 | CISO, Cloud security, Enterprise Threat Modeling, Recent News, Threat Modeling Process
ThreatModeler has seen a significant uptick in US federal government agencies and contractors approaching us to find out more about automating the labor intensive manual process of threat modeling. Those charged with proactively managing NIST 800-53 Rev. 5...
Mar 24, 2021 | CISO, Cloud security, Enterprise Threat Modeling, Recent News, Threat Modeling Process
Architectural patterns are those blocks of functions or components that tend to repeat over and again in systems and software. ThreatModeler leverages these to great advantage in reusing these patterns in threat modeling. Be it either components or templates of groups...
Feb 10, 2021 | CISO, Cloud security, Enterprise Threat Modeling, Recent News, Threat Modeling Process
A recent survey by Deloitte unearthed the extraordinary fact that “only 5.8% of professionals in cloud-savvy organizations experienced slowdown due to COVID, compared to 16.4% among companies that plan to move to the cloud in 2021.” In a fast changing world, those...
Feb 4, 2021 | Recent News
This is a recap of the “Automated Threat Modeling For Applications Using Avocado” webinar presented recently. To view the entire webinar (including a demo of the integration), click here. For people who are practicing threat modeling on a day-to-day basis,...
Dec 10, 2020 | Attack Surface Analysis, CISO, Cyber Risk, DevOps, Enterprise Threat Modeling, Risk Management, Security, SOAR
This is an excerpt from a panel we participated in at the NY Cyber Security Summit. You can check out the entire panel below: https://www.youtube.com/watch?v=HMerd-BKaYc&list=PLUJfsMmlclPSfFtn2yYGPI-4jq_NA40aJ&index=6 Security Orchestration Automation Response...
Oct 8, 2020 | Attack Surface Analysis, AWS, CISO, Cloud security, security controls
The move to cloud poses unique challenges as organizations adapt to securing infrastructure as code for all applications, while being prepared to secure brave new features such as containers, microservices and automatic scaling. Threat modeling, traditionally a manual...
Aug 12, 2020 | AWS, Cloud security, Cloud Threat Modeling, Compensating Controls, Risk Management, Security
It’s no secret that Amazon Web Services (AWS) helps to run a wide swath of the web’s most popular websites, services, and applications. However, the rise of cloud services has not gone unnoticed by hackers, who have broadened their scope from traditional...
Jul 29, 2020 | Attack Surface Analysis, DevSecOps, Insider Threats, Threat Modeling
Many in the cybersecurity world spend their entire careers trying to prevent the kind of high-profile, reputation-wrecking cyberattack such as what occurred to Twitter earlier this month. On July 15, Twitter users the world over were puzzled to read messages promoting...
Jul 22, 2020 | Attack Surface Analysis, DevSecOps, Threat Modeling Process
For software and application development teams, data assets represent the culmination of years, even decades, of iterative hard work towards building business value. If put into the wrong hands, compromised data assets may ruin client relationships, lead to even...
