Why Threat Modeling is Overly Complex and How We Can Simplify It
Threat modeling can often feel complex and confusing for security professionals who are new to it. Further, it can feel extra complex to developers, management, … Read More
Threat modeling can often feel complex and confusing for security professionals who are new to it. Further, it can feel extra complex to developers, management, … Read More
Okta’s customer support system was attacked, allowing the attackers to access Okta customer systems. This was possible because the Okta customer support system contained HAR … Read More
23andMe was attacked, or specifically, its users were, which resulted in a major data breach affecting many of its users (potentially up to 4 million … Read More
What is DREAD Threat Modeling DREAD threat modeling is a quantitive assessment regarding the severity of a threat, with a scaled rating assigned to risk. … Read More
What is LINDDUN Threat Modeling LINDDUN is a threat modeling method focused on privacy. It was developed by privacy experts at KU Leuven (a university … Read More
Automated threat modeling is the process of threat modeling and utilizing as much automation as possible, reducing the amount of manual work needed by team … Read More
Threat modeling and vulnerability management are both essential components of a comprehensive cybersecurity program. Both are used to identify weaknesses in applications and IT systems … Read More
Threat modeling is a practice to identify potential threats and security issues that may negatively impact an application, an IT system, or a business process, … Read More
Updated 9 February 2024: The CISO Security Mind Map has been updated from the 2023, to the 2024 version. The 2024 version includes the latest … Read More
In this article I’ll provide an explanation of commonly used threat modeling terminology. These are all terms that you’ll no doubt hear about if involved … Read More