Management, compliance & auditing February 15, 2021 Howard Poston 6 key elements of a threat model Threat modeling is a process for threat discovery and risk management. Any system carries potential risk, and a clear understanding of these risks is essential...
Management, compliance & auditing February 11, 2021 Howard Poston Top threat modeling frameworks: STRIDE, OWASP Top 10, MITRE ATT&CK Framework and more Threat modeling is an exercise designed to identify the potential threats and attack vectors that exist for a system. Based upon this information, it is possible...
Management, compliance & auditing February 1, 2021 Susan Morrow Security vs. usability: Pros and cons of risk-based authentication Risk-based authentication (RBA) has to become part of the enterprise lexicon for a good reason. The authentication measures used to protect access to resources...
Management, compliance & auditing January 11, 2021 Howard Poston Threat modeling: Technical walkthrough and tutorial Threat modeling is an exercise designed to help an organization identify potential threats and cybersecurity risks within their organization and systems....
Management, compliance & auditing January 4, 2021 Infosec Average Chief Security Officer Salary [Updated 2021] The role of a chief security officer is one that combines management with a deep understanding of information technology and data protection. A chief security...
Management, compliance & auditing December 23, 2020 Gilad Maayan Comparing endpoint security: EPP vs. EDR vs. XDR Endpoint detection and response is a type of security solution that provides real-time visibility into endpoint activities by monitoring and recording endpoint...
Management, compliance & auditing December 22, 2020 Howard Poston Role and purpose of threat modeling in software development Threat modeling is an exercise designed to identify the potential cybersecurity threats and attack surface of an application. By working through the threat...
Management, compliance & auditing December 21, 2020 Karen Walsh 5 changes the CPRA makes to the CCPA that you need to know On election day 2020, Californians did more than vote for a president. They also passed the California Privacy Rights Act (CPRA), which clarified the California...
Management, compliance & auditing December 2, 2020 Patrick Mallory 6 benefits of cyber threat modeling Continuing Infosec’s series on threat modeling, we are going to explore some of the biggest benefits organizations can realize from performing this important...
Management, compliance & auditing December 1, 2020 Patrick Mallory What is threat modeling? Everything that touches the internet or enterprise systems faces constant cyber threat from internal and external sources, malicious or mistaken. And as technology...