The Microsoft Threat Modeling Tool (TMT)
A crucial component of the Microsoft Security Development Lifecycle is the Threat Modeling Tool (SDL). Early detection and mitigation of
Read more
Month: October 2022
OWASP Threat Dragon : open-source threat modeling tool from OWASP
Threat modelling is regarded as a potent method for incorporating security into application design at an early stage of the
Read more
Threat Modeling: Choosing the Right Method for Your Business
Why Threat Modeling Is Important and What It IsIdentifying and evaluating threats that an attacker (threat) could exploit is done
Read more
IriusRisk Threat Modeling for Security and Development Teams
Threat modelling: what is it?Basics of Threat Modeling Threat modeling’s fundamental tenet is the identification, disclosure, and management of security
Read more
Kenna: RISK-BASED VULNERABILITY MANAGEMENT
Why You Should Consider More Than CVSSAs previously mentioned, one typical method of sorting and prioritising which vulnerabilities to fix
Read more
A Holistic Performance Management Framework for Implementing Cybersecurity Strategies by BCG & STC
The frequency and cost of cyberattacks is accelerating. Globally, the cost of cybercrime is estimated to have risen from $445B
Read more
Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
IntroductionInfrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure
Read more
Security and Privacy Capability Maturity Model (SP-CMM) by SCF, Secure and Privacy by Design Principles Framework
The S|P establishes 32 common-sense principles to guide the development and oversight of a modern security and privacy program. The
Read more
Campaigns to be Introduced to MITRE ATT&CK V12
Primary Articles Published by Matt Malona In ATT&CK 2022 roadmap, at ATT&CKCon 3.0, and most recently on the SANS Threat
Read more
DevSecOps is not just a technological shift; it is also a cultural one, according to Tenable.cs Cloud Security’s whitepaper, “7 Habits of Highly Effective DEVSECOPS Teams.”
DecSecOps, which is typically viewed as an integrated team of development, operational, and security practitioners that can securely deliver innovation
Read more