A Quick Overview of When to Threat Model

A Quick Overview of When to Threat Model

It’s easy to think of threat modeling as something developers do during the DevOps process to ensure a safe application. And that’s certainly true. To that end, threat modeling is something you do when developing an application. But that’s not the only time you should...
Don’t Let Failing Banks Distract You from Cyber Threats

Don’t Let Failing Banks Distract You from Cyber Threats

Human beings and organizations suffer from a cognitive condition known as recency bias. Recency bias “is a cognitive bias that favors recent events over historic ones. It is the tendency to place too much emphasis on experiences that are freshest in your memory—even...
How Threat Modeling Can Help Minimize Your Application’s Blast Radius

How Threat Modeling Can Help Minimize Your Application’s Blast Radius

Any piece of code can have a vulnerability. Whether application code or infrastructure code, errors, oversights and misconfigurations happen. The question developers must answer is, how many negative outcomes an attacker could realize because of that vulnerability....
Can Threat Modeling Actually Improve Incident Response?

Can Threat Modeling Actually Improve Incident Response?

You threat model to identify threats and implement mitigations before you deploy an application. In this regard, the overarching reason for your commitment to do threat modeling is to avoid incident response altogether. Theoretically, an application with no...
Seven Common Misconceptions About Threat Modeling

Seven Common Misconceptions About Threat Modeling

There is general consensus in the DevSecOps community that threat modeling is a good thing. The sooner in the application development cycle you find a threat the less it costs to fix, and there’s hardly any better way to “shift left” than with threat modeling. So, why...

ThreatModeler

ThreatModeler revolutionizes threat modeling during the design phase by automatically analyzing potential attack surfaces. Harness our patented functionalities to make critical architectural decisions and fortify your security posture.

Learn more >

CloudModeler

Threat modeling remains essential even after deploying workloads, given the constantly evolving landscape of cloud development and digital transformation. CloudModeler not only connects to your live cloud environment but also accurately represents the current state, enabling precise modeling of your future state

Learn more >

IaC-Assist

DevOps Engineers can reclaim a full (security-driven) sprint with IAC-Assist, which streamlines the implementation of vital security policies by automatically generating threat models through its intuitive designer.

Learn more >