Earthquakes, Cyber Breaches, and Mitigating Disasters through Design

Earthquakes, Cyber Breaches, and Mitigating Disasters through Design

By Archie Agarwal In an era where cyber threats are constantly evolving, relying solely on reactive security measures is inadequate. The imperative for proactive risk assessment and mitigation has never been greater. Much like CAD drawings provide a blueprint for...
Why it’s Important to Build a Threat Modeling Culture

Why it’s Important to Build a Threat Modeling Culture

There’s a difference between building a threat model and creating a threat modeling culture. To be sure one is part of the other, but to understand the difference requires an analogy. Imagine threat modeling as bodybuilding. Building a threat model would be your...
A Case for Automated Threat Modeling

A Case for Automated Threat Modeling

Nobody thinks modeling threats is a bad idea. And yet threat modeling isn’t broadly adopted in the development community yet. Why is that? According to Izar Tarandach and Matthew J. Coles in their book Threat Modeling, it’s because “convincing stakeholders that threat...
A Glimpse Into the Future of Threat Modeling

A Glimpse Into the Future of Threat Modeling

Like everything else in the world of cybersecurity, threat modeling tools and practices continue to evolve. How is threat modeling evolving? There are five areas where we will continue to see improvement in the future. These are 1) collaboration; 2) ease of use; 3)...
Three Must Have DevSecOps Threat Modeling Tools for 2022

Three Must Have DevSecOps Threat Modeling Tools for 2022

If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Why it’s Essential to Mitigate Security Threats Early in the Software Development Lifecycle

Why it’s Essential to Mitigate Security Threats Early in the Software Development Lifecycle

The old saying, an ounce of prevention is worth a pound of cure, certainly applies to software development. To leverage this benefit, the software industry has embraced the idea of “shifting left”. This is in reference to the linear (aka waterfall) method of software...