Jul 19, 2022 | DevOps, DevSecOps, Threat Modeling
If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Jun 8, 2022 | Cloud security, Cloud Threat Modeling, Enterprise Threat Modeling, Security
Cloud cybersecurity using threat modeling is a proactive approach that identifies potential threats and suggests preventive measures before deployment in the dynamic and virtual cloud environment. This method transforms cybersecurity from being reactive to proactive,...
Jun 1, 2022 | Threat Models
Banks are the original threat modelers. Going back to the days when they hired the Pinkerton Agency to protect their valuables being transported by stagecoach, banks have always tried to stay one step ahead of their adversaries. Of course, when it comes to protecting...
May 16, 2022 | API Security, Threat Modeling
If you haven’t kept up with the evolution of threat modeling, you probably envision threat modeling as simply a visualization tool or a framework like STRIDE. And while there was a time when this was the sum total of threat modeling capability, these are really just...
May 9, 2022 | Threat Modeling, Threat Modeling Process
If you follow our blog and understand our philosophy then you already know we think Threat Modeling is a Process Not a Project. It’s not a one-time deliverable with a beginning, a middle and an end. Instead, it’s an ongoing series of steps that an organization...
