VerSprite Blog

Literary Antidotes for Today's Security Snake Oil

Explore the latest insights and stay informed on evolving digital threats

A Look at RACI Models within Application Threat Modeling

Threat Modeling

A Look at RACI Models within Application Threat Modeling

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Learn More

Category

View All
Plain HTTP Websites Labeled “Not Secure”
Application Security, Threat & Vulnerability Management

Plain HTTP Websites Labeled “Not Secure”

As of the latest release of Chrome, sites not usin...

Why Androids are a Prime Target for Hackers
Information Security Management System (ISMS), Mobile Security Testing

Why Androids are a Prime Target for Hackers

The Android operating system and the mobile device...

Cyber Criminals Target Employees with W-2 Phishing Scam
Application Security, Digital Forensics & Incident Response, Governance Risk & Compliance

Cyber Criminals Target Employees with W-2 Phishing Scam

Tax season provides an opportunity for cyber crimi...

Swimming in the Deep End: Taking a Deeper Look at the Use Cases of JEA
Application Security, Governance Risk & Compliance

Swimming in the Deep End: Taking a Deeper Look at the Use Cases of JEA

Throughout my testing and implementation of JEA in...

Risk Centric Threat Models for Internet of Things (IoT) & Medical Devices
Application Security, Threat Modeling

Risk Centric Threat Models for Internet of Things (IoT) & Medical Devices

The course is provided over two days and begins wi...

SSL/TLS Security – A Simplified, Quick Guide
Application Security, Governance Risk & Compliance, Information Security Management System (ISMS)

SSL/TLS Security – A Simplified, Quick Guide

Much of the following may be common knowledge to m...

Command Injection in the WD My Cloud NAS
Application Security, Cloud Security, Information Security Management System (ISMS)

Command Injection in the WD My Cloud NAS

The WD My Cloud is predominantly displayed at majo...

Anti-Nausea Medicine for LastPass, Password Management FUD
Application Security, Governance Risk & Compliance, Information Security Management System (ISMS), Regulatory Compliance

Anti-Nausea Medicine for LastPass, Password Management FUD

Another breach notification, another opportunity f...

Why Threat Free Threat Modeling Doesn’t Work
Application Security, Threat Modeling

Why Threat Free Threat Modeling Doesn’t Work

The idea of threat free threat models may make no ...

Assessing Emerging JavaScript Platforms with Express.js and Node.js – What to Look For
Application Security, Information Security Management System (ISMS)

Assessing Emerging JavaScript Platforms with Express.js and Node.js – What to Look For

Node.js is known as one of the most important emer...

Unsafe Application State Restoration (iOS)
Application Security, Mobile Security Testing, Risk Assessments

Unsafe Application State Restoration (iOS)

Unsafe Application State Restoration actually mean...

Force Feeding Enterprise Security Failures
Application Security, Data Privacy & Development of Security Policies

Force Feeding Enterprise Security Failures

Metaphorically speaking, force-feeding enterprise ...