Jul 19, 2022 | DevOps, DevSecOps, Threat Modeling
If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Jul 13, 2022 | Developers, Insider Threats, Threat Modeling
The old saying, an ounce of prevention is worth a pound of cure, certainly applies to software development. To leverage this benefit, the software industry has embraced the idea of “shifting left”. This is in reference to the linear (aka waterfall) method of software...
Jul 6, 2022 | Threat Model of The Month, Threat Modeling, Threat Modeling Process
As threat modeling continues to gain in popularity as an essential cybersecurity process, it may be tempting for newcomers to dive right in, purchase some technology and get going. But that would be putting the cart before the horse. Because threat modeling doesn’t...
Jun 28, 2022 | DevOps, Risk Management, Threat Modeling, Threat Models, ThreatModeler
Early in a technology’s evolution, the adoption can be rapid—maybe even exponential—and yet sill fly under the radar because the market is so small. And that’s where threat modeling is today. Threat modeling is not yet a category with a sizeable TAM (total addressable...
Jun 22, 2022 | Cyber Risk, Security, Threat Modeling
Everyone who is familiar with threat modeling knows that threat modeling is used to model threats in software applications. And if that’s all threat modeling did, it would still be really useful. But threat modeling can do something just as important. It can tell you...
Jun 14, 2022 | IoT Cybersecurity, Threat Modeling
The healthcare industry is teaming up with electronic medical devices. And many of them are connected to the local area network in a medical facility, making them IoT (Internet-of-Things) devices. These IoT medical devices offer many benefits, including the ability to...
