Threat modelling is regarded as a potent method for incorporating security into application design at an early stage of the secure development lifecycle. It is most effective when used for: ensuring depth in the defenceimplementing uniform security design patterns throughout an applicationreleasing user stories and security requirements quicklyFor teams using the STRIDE methodology, OWASP Threat… Continue reading OWASP Threat Dragon : open-source threat modeling tool from OWASP
Tag: CIA
Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
IntroductionInfrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure as a service (IaaS). In spite of the fact that Organizations typically use 2-3 IaaS providers and frequently use tens to hundreds of SaaS products. A standard set of guidelines called the SaaS Governance Best… Continue reading Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance