


Cybersecurity Tool Bloat—Yeah it’s a Thing
Listen to any cybersecurity tool vendor and they’ll try to convince you of two things. You need their type of product for protection and theirs is the best of breed. And most of them can be very persuasive. The result? Lots of unused (and often unneeded) security...
A Quick Overview of When to Threat Model
It’s easy to think of threat modeling as something developers do during the DevOps process to ensure a safe application. And that’s certainly true. To that end, threat modeling is something you do when developing an application. But that’s not the only time you should...
How Threat Modeling Can Help Minimize Your Application’s Blast Radius
Any piece of code can have a vulnerability. Whether application code or infrastructure code, errors, oversights and misconfigurations happen. The question developers must answer is, how many negative outcomes an attacker could realize because of that vulnerability....