Cybersecurity Tool Bloat—Yeah it’s a Thing

Cybersecurity Tool Bloat—Yeah it’s a Thing

Listen to any cybersecurity tool vendor and they’ll try to convince you of two things. You need their type of product for protection and theirs is the best of breed. And most of them can be very persuasive. The result? Lots of unused (and often unneeded) security...
Seven Common Misconceptions About Threat Modeling

Seven Common Misconceptions About Threat Modeling

There is general consensus in the DevSecOps community that threat modeling is a good thing. The sooner in the application development cycle you find a threat the less it costs to fix, and there’s hardly any better way to “shift left” than with threat modeling. So, why...