John is a professional author, currently publishing evergreen and feature articles for Android Police. He discovered his passion for writing when he was very young, and enjoys how it challenges him ...

One Friday evening last month, three security experts met online to play cards and talk about the future of threat modeling. The games they played, OWASP Cornucopia and Elevation of Privilege (EoP), ...

Posts from this topic will be added to your daily email digest and your homepage feed. An interview with Facebook’s ex-security chief An interview with Facebook’s ex-security chief Jay Rosen: You’re a ...

Concerns about software security have been with us since the early days of modern computing. Within software security, we have used threat modeling as a security activity to analyze meaningful threats ...

To answer the question of what makes a “good” threat model, I think it’s a good idea to establish what makes a threat model “bad.” As far as I am concerned, a bad threat model is something that you ...

One noteworthy element of the National Institute of Standards and Technology's recent Recommended Minimum Standard for Vendor or Developer Verification of Code is the prominence given to threat ...

We live in an era in which searching the term “security” on Google brings up a whopping 850 million hits, while the term “contentment” results in only 4.6 million hits. Whether that is prescient is ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

IriusRisk, a threat modeling platform, today announced that it raised $29 million in a Series B funding round led by Paladin Capital Group with participation from BrightPixel Capital, SwanLab Venture ...