Sep 7, 2023 | Threat Modeling
Everyone involved in application development would rather prevent an incident than have to respond to one. The adage, an ounce of prevention…does apply. That’s where threat modeling comes in, and why threat modeling is essential for your security operations. It’s one...
Aug 31, 2023 | API Security, Cloud Threat Modeling, Threat Modeling
Yes, coding skills are highly valuable in the field of cybersecurity. Being able to write and understand code allows cybersecurity professionals to analyze, identify, and mitigate security vulnerabilities in software and systems. By writing scripts, developing tools,...
Aug 24, 2023 | API Security, DevSecOps, Threat Modeling
There was a time when developing secure code was just a good idea. Now, in many instances, it’s a requirement. But how do you know if a developer is developing secure code? The key here is knowing it’s secure.There are actually two aspects to developing secure code....
Aug 10, 2022 | Security, Threat Modeling, Threat Modeling Software, ThreatModeler
There’s a difference between building a threat model and creating a threat modeling culture. To be sure one is part of the other, but to understand the difference requires an analogy. Imagine threat modeling as bodybuilding. Building a threat model would be your...
Aug 2, 2022 | Cyber Risk, DevOps, Threat Modeling, Threat Modeling as a Service, Threat Modeling Process
Nobody thinks modeling threats is a bad idea. And yet threat modeling isn’t broadly adopted in the development community yet. Why is that? According to Izar Tarandach and Matthew J. Coles in their book Threat Modeling, it’s because “convincing stakeholders that threat...
Jul 26, 2022 | DevSecOps, Threat Modeling
Like everything else in the world of cybersecurity, threat modeling tools and practices continue to evolve. How is threat modeling evolving? There are five areas where we will continue to see improvement in the future. These are 1) collaboration; 2) ease of use; 3)...
