Secure software development requires a ‘shift left’ — paying attention to security and privacy early in the life cycle. Threat modeling is a very useful activity for achieving this goal,…
Browsing Categorythreat hunting
Preparing a Client Environment for Threat Management
A key part of making any threat management program successful is ensuring it maps properly to the client’s needs. In the past, this has been challenging for many groups providing…
What is STRIDE and How Does It Anticipate Cyberattacks?
STRIDE threat modeling is an important tool in a security expert’s arsenal. Threat modeling provides security teams with a practical framework for dealing with a threat. For example, the STRIDE…
Why Red Team Testing Rules the Cloud
Red team testing is a key way to help prevent data breaches today. Most cyber defense focuses on spotting openings and fixing general risks in your environment. Red teaming not…
How Open Security Can Make Threat Management More Efficient
Security operations center (SOC) teams struggle with an array of challenges. Too many tools can make the work too complex; and recruiting and retaining personnel can be hard amidst a…
Threat Analysis: How the Rapid Evolution of Reporting Can Change Security
With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity…
Are Bug Bounty Programs Worth It?
Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively…
Autonomous Vehicle Security Needs From A Hacker’s Perspective
With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security. Adam Laurie, known in hacker circles as Major Malfunction, leads…
Web Application Security Best Practices: A Developer’s Guide
Digital adoption is only increasing in today’s world. It brings with it the challenges of safeguarding financial and personal data against potential threat actors. Including web application security best practices…
Incident Response: 5 Steps to Prevent False Positives
False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could…