Cybersecurity Tool Bloat—Yeah it’s a Thing
Listen to any cybersecurity tool vendor and they’ll try to convince you of two things. You need their type of product for protection and theirs is the best of breed. And most of them can be very persuasive. The result? Lots of unused (and often unneeded) security...
Threat Modeling is not the Same as Threat Mapping
There’s a belief in the security community that if you’re doing threat mapping, you don’t need to do threat modeling. The idea is that threat mapping is just as good as, or at least takes the place of, threat modeling. It’s true they are both a formalized way to...
Does the New National Cybersecurity Strategy Make Threat Modeling Essential?
Are you aware of the National Cybersecurity Strategy announced by the Biden-Harris administration on March 2, 2023? Well, if you develop software, you better be. The goal of the strategy is for the U.S. Government to take the lead in creating a safe and secure digital...
