Threat Modeling
Tag details
Welcome to the 'Threat Modeling' tag page at Technorati. This page features content from the farthest reaches of the Blogosphere that authors have "tagged" with 'Threat Modeling'.
Latest blogosphere posts tagged “Threat Modeling”
-
DLP is Short for Disturbing Lack of Process?
Information Security Resources —
Authority: 532
By Danny Lieberman , Security Expert and Founder of Software Associates Ted Ritter has suggested that we rename DLP a Disturbing Lack of Process … Indeed DLP is not a well-defined term – since so many vendors (Kaspersky anti-virus, McAfee anti-virus, Symantec anti-virus, Trend Micro Provilla, CA ...2 weeks ago -
Yet Another Reason Why Penetration Testing Has Little Value
Securology —
Authority: 100
Suppose you work for an organization trying to become PCI Compliant. You read down through the list of requirements and notice that there is a "penetration testing" requirement. Like most organizations, you dont have somebody with the job title of "penetration tester" on staff, OR, you want an "unbiased" external ...3 weeks ago -
PCI Compliance Does Not Equal Security
Information Security Resources —
Authority: 532
By Danny Lieberman , Security Expert and Founder of Software Associates I recently saw a post from a blog on a corporate web site from a company called Cloud compliance, entitled Compliance is the New Security Standard . Cloud Compliance provides a SaaS-based identity and Access Assessment (IdAA) solution ...4 weeks ago -
Ninjas are cool, but engineers build bridges
Windows 2008 Security —
Authority: 155
Cory at Matasano has a new blog post explaining “Ninja threat modeling.” Ninja threat modeling is Matasano’s approach to threat modeling as part of a penetration test. I’m really happy that they’ve given their approach a name Originally posted here: Ninjas are cool, but engineers build bridges5 weeks ago
