Aug 2, 2022 | Cyber Risk, DevOps, Threat Modeling, Threat Modeling as a Service, Threat Modeling Process
Nobody thinks modeling threats is a bad idea. And yet threat modeling isn’t broadly adopted in the development community yet. Why is that? According to Izar Tarandach and Matthew J. Coles in their book Threat Modeling, it’s because “convincing stakeholders that threat...
Jul 19, 2022 | DevOps, DevSecOps, Threat Modeling
If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Jun 28, 2022 | DevOps, Risk Management, Threat Modeling, Threat Models, ThreatModeler
Early in a technology’s evolution, the adoption can be rapid—maybe even exponential—and yet sill fly under the radar because the market is so small. And that’s where threat modeling is today. Threat modeling is not yet a category with a sizeable TAM (total addressable...
Jan 24, 2022 | Cloud security, DevOps, Recent News
While there is actually a great deal of overlap between threat assessment and threat modeling in terms of their ultimate objective, they are different in terms of their scope. As NIST is quick to point out, “The assessment process is an information-gathering activity,...
Jan 17, 2022 | Cloud security, DevOps, Recent News
When it comes to a cybersecurity checklist, admittedly you could have just a single item on your list: Identify your risks and mitigate them. In some ways, it really is that simple. And it applies to processes as well as technology. As an example, take a corporate...
Jan 10, 2022 | Cloud security, DevOps, Recent News
A new year, a new set of cyber threats. Are you prepared? The only thing we know for sure is that cybercriminals will never stop. In this article, we’ll briefly summarize some predictions for security threats for the coming year and one thing you can do to prepare....
