Please turn on your JavaScript for this page to function normally.
Threats: What Every Engineer Should Learn From Star Wars
Introducing the book – Threats: What Every Engineer Should Learn From Star Wars

Adam Shostack, the author of “Threat Modeling: Designing for Security”, and the co-author of “The New School of Information Security”, recently launched his new book – …

threat modeling
What is software threat modeling and how to use it effectively

The importance of software threat modeling continues to grow. NIST advises software engineers to adhere to secure software development best practices and do software threat …

bomb
Is next-gen threat modeling even about threats?

The threat landscape evolves with technology, and as threats grow in sophistication, there are concerns about major events like the Colonial Pipeline ransomware attack or the …

code
The simple secret to app security? Time

The thing about being a security consultant is that people are always looking to you for the “secret” to building a secure digital anything. And by “secret,” they usually mean …

fix
How to implement security into software design from the get-go

Software professionals know that the working relationship between developers and security teams can be complicated. Most security professionals feel it’s part of a …

architecture
Security teams need to become more proactive and risk-driven

83% of companies would suffer business damage during the first 24 hours of an outage and thereafter, which comes as no surprise with recent surges in ransomware and other …

MITRE ATT&CK
Released: MITRE ATT&CK v10

MITRE Corporation has released the tenth version of ATT&CK, its globally accessible (and free!) knowledge base of cyber adversary tactics and techniques based on …

threat modeling
79% of organizations identify threat modeling as a top priority in 2021

Security Compass published the results of a report designed to provide a better understanding of the current state of threat modeling in mid-sized, $100M to $999M and large …

threat modeling
Threat modeling needs a reset

Organizations need to rethink their approach to threat modeling or risk losing its value as a key defense in their cybersecurity arsenals. The traditional approaches to threat …

MITRE ATT&CK
New tool allows organizations to customize their ATT&CK database

MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …

containers
3 areas of implicitly trusted infrastructure that can lead to supply chain compromises

The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …

MITRE ATT&CK
MITRE ATT&CK v9 is out and includes ATT&CK for Containers

The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques, which now also includes a newly created ATT&CK …

Don't miss

Cybersecurity news