Cyber preparedness is no longer an option — it’s a necessity. More IT leaders are allocating resources toward defensive measures, and 60% of businesses are increasingly concerned about phishing, ...

During a threat modeling exercise for a large development team, hacker and security advocate Alyssa Miller was floored when a developer commented that it would be great when the team moved to a DevOps ...

Concerns about software security have been with us since the early days of modern computing. Within software security, we have used threat modeling as a security activity to analyze meaningful threats ...

John is a professional author, currently publishing evergreen and feature articles for Android Police. He discovered his passion for writing when he was very young, and enjoys how it challenges him ...

One Friday evening last month, three security experts met online to play cards and talk about the future of threat modeling. The games they played, OWASP Cornucopia and Elevation of Privilege (EoP), ...

Modern software development involves selecting and integrating tens or hundreds of complex components, services and infrastructure to deliver systems at the speed of business demands. Each integrated ...

We live in an era in which searching the term “security” on Google brings up a whopping 850 million hits, while the term “contentment” results in only 4.6 million hits. Whether that is prescient is ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Nonprofits are attractive targets for cybercrime because of the sensitive nature of data they manage. These organizations also have tight budgets and may lack a full-time cybersecurity chief on staff, ...