Jul 26, 2022 | DevSecOps, Threat Modeling
Like everything else in the world of cybersecurity, threat modeling tools and practices continue to evolve. How is threat modeling evolving? There are five areas where we will continue to see improvement in the future. These are 1) collaboration; 2) ease of use; 3)...
Jul 19, 2022 | DevOps, DevSecOps, Threat Modeling
If you’re intent on creating secure software, then eventually you’re going to have to evolve from DevOps to DevSecOps. But as InfoQ is quick to point out, “DevSecOps isn’t possible by going about normal day-to-day DevOps processes. You can’t tell team members to just...
Jul 13, 2022 | Developers, Insider Threats, Threat Modeling
The old saying, an ounce of prevention is worth a pound of cure, certainly applies to software development. To leverage this benefit, the software industry has embraced the idea of “shifting left”. This is in reference to the linear (aka waterfall) method of software...
Jul 6, 2022 | Threat Model of The Month, Threat Modeling, Threat Modeling Process
As threat modeling continues to gain in popularity as an essential cybersecurity process, it may be tempting for newcomers to dive right in, purchase some technology and get going. But that would be putting the cart before the horse. Because threat modeling doesn’t...
Jun 28, 2022 | DevOps, Risk Management, Threat Modeling, Threat Models, ThreatModeler
Early in a technology’s evolution, the adoption can be rapid—maybe even exponential—and yet sill fly under the radar because the market is so small. And that’s where threat modeling is today. Threat modeling is not yet a category with a sizeable TAM (total addressable...
Jun 22, 2022 | Cyber Risk, Security, Threat Modeling
Everyone who is familiar with threat modeling knows that threat modeling is used to model threats in software applications. And if that’s all threat modeling did, it would still be really useful. But threat modeling can do something just as important. It can tell you...
