Collaborate Disseminate
The importance of software threat modeling continues to grow. NIST advises software engineers to adhere to secure software development best practices and do software threat modeling repeatedly during the development process, especially when creating ne… Continue reading What is software threat modeling and how to use it effectively
What are potential security implications of using older unsupported motherboards/laptops that do not get BIOS(UEFI) updates anymore, but run an up to date GNU/Linux distribution?
Do measures like using secure boot or setting up a BIOS pass… Continue reading What are the security implications of using an old computer with no more BIOS updates?
I am creating a react native mobile application using Expo. This app simply renders information – there is no data collection or entry, no user accounts, no database (other than JSON storage). There is not a single input box in the entire … Continue reading Static react native app security issues
Is lateral movement and horizontal privilege escalation the same thing, what would be the key difference to these two ?
Continue reading Is lateral movement and horizontal privilege escalation the same thing?
I am woking on a project where I need to build a blueprint security model for a proxy that should mediate and handle communication between two computers. Because this is a first for me, I don’t have a lot information about "security m… Continue reading How do you build a good security model for a proxy?
We are told that the roots of trust in the PKI are the handful of
Certificate Authorities that issue root certificates and sign other certificates and ensure at least some extent of trust to be maintained on the internet.
These root certif… Continue reading Where does the root of trust actually lie?
I am woking on a project where I need to build a blueprint security model for a proxy that should mediate and handle communication between two computers. Because this is a first for me, I don’t have a lot information about "security m… Continue reading How do you build a good security model for a proxy?
The threat landscape evolves with technology, and as threats grow in sophistication, there are concerns about major events like the Colonial Pipeline ransomware attack or the Equifax breach repeating themselves elsewhere. While mainstream media focuses… Continue reading Is next-gen threat modeling even about threats?
I really appreciate those live cyber threat map from FireEye, Checkpoint and others. I have a project idea to make a basic one of my own in possibly Go, Python, or JavaScript, I haven’t decided yet. However, I have no idea where to find … Continue reading A good place to find live cyber threat data?
What’s the difference between on-premises and cloud security threat modeling approaches? Both can help protect against cloud threats and have distinct benefits and risks. The latest tech developments are happening here in the cross-section of cybersecurity and cloud security. More and more treasured data is being kept and used to make data-driven decisions. So, defending […]
The post Threat Modeling Approaches: On Premises or Third Party? appeared first on Security Intelligence.
Continue reading Threat Modeling Approaches: On Premises or Third Party?