Jul 19, 2022 | DevOps, DevSecOps, Threat Modeling
If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Jul 29, 2020 | Attack Surface Analysis, DevSecOps, Insider Threats, Threat Modeling
Many in the cybersecurity world spend their entire careers trying to prevent the kind of high-profile, reputation-wrecking cyberattack such as what occurred to Twitter earlier this month. On July 15, Twitter users the world over were puzzled to read messages promoting...
Jul 22, 2020 | Attack Surface Analysis, DevSecOps, Threat Modeling Process
For software and application development teams, data assets represent the culmination of years, even decades, of iterative hard work towards building business value. If put into the wrong hands, compromised data assets may ruin client relationships, lead to even...
Jun 23, 2020 | AWS, Cloud security, Cloud Threat Modeling, DevSecOps
While much of the tech world is adopting the private cloud for the added security and scalability, today’s developers typically rely on its public, less secure cousin. The reason is simple: it’s way cheaper. “Private” cloud infrastructure requires providers to assign...
Jun 2, 2020 | Attack Surface Analysis, AWS, AWS Security Epics Automated, CISO, DevOps, DevSecOps
By Michael Vizard The best cybersecurity defense is always applied in layers. If one line of defense fails, the next should be able to thwart an attack and so on. That same, tried and true, security in depth concept applies to DevOps as responsibility for...
![DevSecOps and the importance of threat modeling [Q&A]](https://www.threatmodeler.com/wp-content/uploads/2022/01/Untitled-252-×-235-px-12.png)