Securing Infrastructure as Code: Identifying and Assessing Threats with Threat Modeling

Securing Infrastructure as Code: Identifying and Assessing Threats with Threat Modeling

The attention raised by cloud computing has given birth to DevSecOps, which is a development methodology where collaboration and automation between development and operations teams are necessary. With applications leveraging more and more cloud infrastructure,...
Secure Supply Chain 2024: Threat Modeling Vendor Risks

Secure Supply Chain 2024: Threat Modeling Vendor Risks

Secure Your Supply Chain in 2024: Identifying Third-Party Vendor Risks With Threat Modeling In this blog post, we will discuss how to strengthen your supply chain by leveraging the threat modeling process to identify threats from third-party vendors and secure them....
Harnessing AI and Automation for Continuous Threat Modeling

Harnessing AI and Automation for Continuous Threat Modeling

In the ever-evolving landscape of cybersecurity, staying ahead of threats is not just a goal but a necessity. With the rise of more complex cyberattacks, traditional methods of threat monitoring and response are no longer sufficient. Hence, organizations are now...
Earthquakes, Cyber Breaches, and Mitigating Disasters through Design

Earthquakes, Cyber Breaches, and Mitigating Disasters through Design

By Archie Agarwal In an era where cyber threats are constantly evolving, relying solely on reactive security measures is inadequate. The imperative for proactive risk assessment and mitigation has never been greater. Much like CAD drawings provide a blueprint for...
Why it’s Important to Build a Threat Modeling Culture

Why it’s Important to Build a Threat Modeling Culture

There’s a difference between building a threat model and creating a threat modeling culture. To be sure one is part of the other, but to understand the difference requires an analogy. Imagine threat modeling as bodybuilding. Building a threat model would be your...
A Case for Automated Threat Modeling

A Case for Automated Threat Modeling

Nobody thinks modeling threats is a bad idea. And yet threat modeling isn’t broadly adopted in the development community yet. Why is that? According to Izar Tarandach and Matthew J. Coles in their book Threat Modeling, it’s because “convincing stakeholders that threat...