Concerns about software security have been with us since the early days of modern computing. Within software security, we have used threat modeling as a security activity to analyze meaningful threats ...

In a world where cyber threats continue to grow in complexity and quantity each year, threat modeling is one of the most advantageous and practical tools organizations can use to shore up security.

To answer the question of what makes a “good” threat model, I think it’s a good idea to establish what makes a threat model “bad.” As far as I am concerned, a bad threat model is something that you ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

In addition to the KYC-free units of censorship-resistant internet money, mining bitcoin at home brings unique security threats. Home mining is one of the best expressions of individual sovereignty ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

The MITRE ATT&CK framework, launched in 2015, has become the de facto method for cataloging attacks and understanding an organization's defensive capabilities. This information is also useful to risk ...

There's been a flood of news about OpenAI's new GPT-3 Chatbot. For all the very real critiques, it does an astounding and interesting job of producing reasonable responses. What does it mean for ...

IriusRisk, a threat modeling platform, today announced that it raised $29 million in a Series B funding round led by Paladin Capital Group with participation from BrightPixel Capital, SwanLab Venture ...

API keys and credentials. Agents operate inside authorized permissions where firewalls can't see. Traditional security models ...