threat modeling
Reachability makes AI threat modeling worth the trust
In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. …
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI …
Your AI agents are moving sensitive data. Do you know where?
In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry …
AI isn’t one system, and your threat model shouldn’t be either
In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a single risk. He discusses …
AI-driven threats are heading straight for the factory floor
In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk …
Threat intelligence programs are broken, here is how to fix them
Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear …
Want fewer security fires to fight? Start with threat modeling
CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for …
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and …
Introducing the book – Threats: What Every Engineer Should Learn From Star Wars
Adam Shostack, the author of “Threat Modeling: Designing for Security”, and the co-author of “The New School of Information Security”, recently launched his new book – …
What is software threat modeling and how to use it effectively
The importance of software threat modeling continues to grow. NIST advises software engineers to adhere to secure software development best practices and do software threat …
Is next-gen threat modeling even about threats?
The threat landscape evolves with technology, and as threats grow in sophistication, there are concerns about major events like the Colonial Pipeline ransomware attack or the …
The simple secret to app security? Time
The thing about being a security consultant is that people are always looking to you for the “secret” to building a secure digital anything. And by “secret,” they usually mean …
Featured news
Resources
Don't miss
- What the Fortibleed campaign means for organizations running FortiGate firewalls
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security
- Residential proxy SDKs are hiding in LG and Samsung smart TV apps
- 23 ClawHub plugins squatting official scopes expose AI registry security gaps
- Who pays when you gate cyber-capable AI models?