Ultimate Threat Modeling Example using Multiple Methods
In this article, we’ll provide the ultimate threat modeling example using multiple methods, including Data Flow Diagrams, Attack Trees, and STRIDE. This approach allows us … Read More
NIST Cyber Security Framework (CSF) 2.0
NIST Cyber Security Framework (CSF) 2.0 is a comprehensive framework that describes how cyber security should be organized and implemented to secure an organization from cyber … Read More
Attack Trees Threat Modeling
Attack trees threat modeling is a method that can be used for threat modeling. Attack trees can provide a helpful overview of potential attacks and … Read More
EU NIS2 Directive
The digital landscape is vast and continually evolving, prompting the need for comprehensive security measures. With the rise in cyber threats, the European Union (EU) … Read More
EU NIS2, DORA, CRA and AI Act
Network and Information Security Directive (NIS2) What is it: The Network and Information Security Directive (NIS2) replaces the original NIS. It aims to improve cyber security & resilience within the … Read More
Threat Modeling Framework
The Threat Modeling Framework describes activities & components needed to perform threat modeling in a structured and systematic manner, from external factors influencing a threat model to the core threats … Read More
Why Threat Modeling is Overly Complex and How We Can Simplify It
Threat modeling can often feel complex and confusing for security professionals who are new to it. Further, it can feel extra complex to developers, management, … Read More
Threat Modeling the Okta Attack
Okta’s customer support system was attacked, allowing the attackers to access Okta customer systems. This was possible because the Okta customer support system contained HAR … Read More
Threat Modeling the 23andMe Data Breach
23andMe was attacked, or specifically, its users were, which resulted in a major data breach affecting many of its users (potentially up to 4 million … Read More
DREAD Threat Modeling
What is DREAD Threat Modeling DREAD threat modeling is a quantitive assessment regarding the severity of a threat, with a scaled rating assigned to risk. … Read More