May 16, 2022 | API Security, Threat Modeling
If you haven’t kept up with the evolution of threat modeling, you probably envision threat modeling as simply a visualization tool or a framework like STRIDE. And while there was a time when this was the sum total of threat modeling capability, these are really just...
May 9, 2022 | Threat Modeling, Threat Modeling Process
If you follow our blog and understand our philosophy then you already know we think Threat Modeling is a Process Not a Project. It’s not a one-time deliverable with a beginning, a middle and an end. Instead, it’s an ongoing series of steps that an organization...
Apr 25, 2022 | Threat Modeling
The Forbes Magazine has been around since 1917 and we’re guessing this is the first article they’ve ever done on threat modeling. According to its bio, it Forbes magazine features “original articles on finance, industry, investing, and marketing topics.” And while it...
Apr 18, 2022 | Cloud security, Cloud Threat Modeling, Threat Modeling
The good news with deploying applications in the cloud is that you can changes things fast in response to changing demands. The bad news? The same thing: you can change things really fast. And generally speaking, fast changes and security don’t mix very well. Clouds...
Jul 29, 2020 | Attack Surface Analysis, DevSecOps, Insider Threats, Threat Modeling
Many in the cybersecurity world spend their entire careers trying to prevent the kind of high-profile, reputation-wrecking cyberattack such as what occurred to Twitter earlier this month. On July 15, Twitter users the world over were puzzled to read messages promoting...
Jun 25, 2020 | Events, Recent News, Threat Modeling
The annual, five-day Open Security Summit is unique on the Information Security conference calendar as it entails security practitioners coming together in working sessions to collaborate on moving the industry practice forward. This year was unusual however, as it...
