The Biggest Shifts in OWASP Top 10 2025
This article discusses the OWASP Top 10 2025 update. There’s a hard truth that usually shows up after a few years of production work, or … Read More
CIS Critical Security Controls (or CIS Controls): An Analysis and Overview of the 18 Controls
In this article we look at the CIS Critical Security Controls (CIS controls), and how they can help to provide security focus for your company … Read More
Threat Modeling the FIA Driver Categorization Application that Allowed Unauthorized Access to Max Verstappen’s Passport and PII
Ian Carroll, Sam Curry, Gal Nagli published an interesting article about their ethical hacking of the FIA Driver Categorization application. They identified a weakness which … Read More
CISO Security Mind Map 2025
We’ve created the CISO Security Mind Map 2025. It’s an update from the previous year. You can find the previous CISO Security Mind Map 2024 … Read More
Microsoft Security Development Lifecycle (SDL)
Learn how Microsoft’s Security Development Lifecycle (SDL) can help protect your software from cyber threats. Discover best practices and implementation tips.
Threat Modeling within DevSecOps
Learn how to incorporate threat modeling into your DevSecOps practices to enhance security and protect against potential cyber threats.
NIST Cybersecurity Framework 2.0
Learn about the updates and improvements in the NIST Cybersecurity Framework 2. Enhance your cybersecurity strategy with the latest guidelines.
How Does Threat Modeling Fit Within NIST Cybersecurity Framework (CSF) and ISO27001?
Learn how threat modeling aligns with NIST CyberSecurity Framework and ISO27001. Discover key insights to enhance your cybersecurity strategy.
How ISO27001 can Help Your Security Program
Learn how implementing ISO27001 can enhance your security program. Discover key benefits and best practices for improving cybersecurity.
How NIST CSF can Help Your Security Program
Learn how implementing the NIST CSF can enhance your security program. Discover key strategies and best practices for cybersecurity success.