May 2, 2022 | Cyber Risk, IoT Cybersecurity, Regulatory Compliance, security controls
When you think of cyber threats, you probably think about phishing attacks targeted at corporate employees or ransomware aimed at financial institutions. You probably don’t think about a hacker attacking a digital thermometer, but you should. The next great wave of...
Apr 25, 2022 | Threat Modeling
The Forbes Magazine has been around since 1917 and we’re guessing this is the first article they’ve ever done on threat modeling. According to its bio, it Forbes magazine features “original articles on finance, industry, investing, and marketing topics.” And while it...
Apr 18, 2022 | Cloud security, Cloud Threat Modeling, Threat Modeling
The good news with deploying applications in the cloud is that you can changes things fast in response to changing demands. The bad news? The same thing: you can change things really fast. And generally speaking, fast changes and security don’t mix very well. Clouds...
Apr 4, 2022 | Recent News
Policy-driven security makes perfect sense. You’re developing a secure system and you have some compliance requirements it must meet. You start by translating those requirements into a series of security policies with which your system must comply. You then cut loose...
Mar 28, 2022 | Recent News
Infrastructure as Code (IaC) sure is convenient. IaC is a way for DevOps teams to deploy and manage application environments through a model, rather than having to do it manually. And there sure are lots of benefits to deploying infrastructure that way. Benefits...
