The Growth of Threat Modeling Tooling
In this article we’ll talk about the growth of threat modeling tooling. Think about building a new house. You wouldn’t dream of waiting until the … Read More
How Threat Modeling can Help with Vulnerability Management
In this article, we’ll explore how threat modeling can help with vulnerability management. We’ll also add an example with a diagram. I also wrote an … Read More
Ultimate Threat Modeling Example using Multiple Methods
In this article, we’ll provide the ultimate threat modeling example using multiple methods, including Data Flow Diagrams, Attack Trees, and STRIDE. This approach allows us … Read More
NIST Cyber Security Framework (CSF) 2.0
NIST Cyber Security Framework (CSF) 2.0 is a comprehensive framework that describes how cyber security should be organized and implemented to secure an organization from cyber … Read More
Attack Trees Threat Modeling
Attack trees threat modeling is a method that can be used for threat modeling. Attack trees can provide a helpful overview of potential attacks and … Read More
EU NIS2 Directive
The digital landscape is vast and continually evolving, prompting the need for comprehensive security measures. With the rise in cyber threats, the European Union (EU) … Read More
EU NIS2, DORA, CRA and AI Act
Network and Information Security Directive (NIS2) What is it: The Network and Information Security Directive (NIS2) replaces the original NIS. It aims to improve cyber security & resilience within the … Read More
Threat Modeling Framework
The Threat Modeling Framework describes activities & components needed to perform threat modeling in a structured and systematic manner, from external factors influencing a threat model to the core threats … Read More
Why Threat Modeling is Overly Complex and How We Can Simplify It
Threat modeling can often feel complex and confusing for security professionals who are new to it. Further, it can feel extra complex to developers, management, … Read More
Threat Modeling the Okta Attack
Okta’s customer support system was attacked, allowing the attackers to access Okta customer systems. This was possible because the Okta customer support system contained HAR … Read More