SECURITY RESOURCES

Offensive minded security exploit development
What is Threat Modeling?

Threat Modeling

What is Threat Modeling?

A common question asked by people new to the specifics of cybersecurity. Threat modeling is a practical measure used to protect your business’ data and networks from cyber threats and attacks.

Read About Threat Modeling
A Pasta Threat Modeling Solution for Complex Cybersecurity Tasks

A Pasta Threat Modeling Solution for Complex Cybersecurity Tasks

PASTA is not a complicated static framework. It’s an agile methodology that breaks down and solves complex cybersecurity tasks, allows scaling, and evolves with the cybersecurity landscape and business goals.

Read About PASTA
The Process for Attack Simulation and Threat Analysis

Cybersecurity Library, Ebooks & Guides, Threat Modeling, VerSprite Security Resources

The Process for Attack Simulation and Threat Analysis

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

Download eBook
Threat Modeling: A Comprehensive Guide

Threat Modeling: A Comprehensive Guide

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Learn About Threat Modeling
Using Risk-Based Threat Modeling to Protect Your Supply Chain

Cybersecurity Library, Ebooks & Guides, Supply Chains, VerSprite Security Resources

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Read About Risk-Based Threat Modeling
Attacking Your Assumptions: How Criminal Tactics Can Save Your Organization

Attacking Your Assumptions: How Criminal Tactics Can Save Your Organization

In this article, VerSprite’s Offensive Security team explore the difference between common security risk assessments (vulnerability assessment, penetration testing, and red teaming) as we walk you through real exploits we have used to test organizations’ security protocols.

Read About Criminal Tactics

Category

View All
Gig Economy & Growing Security Gaps
Data Privacy & Development of Security Policies, Governance Risk & Compliance, Integrated Risk Management (IRM)

Gig Economy & Growing Security Gaps

Phishing Site Uses Google Translate
Application Security, Digital Forensics & Incident Response, Governance Risk & Compliance

Phishing Site Uses Google Translate

Georgia Tech Data Breach: VerSprite Interviewed on Threat Motives
In The News, VerSprite Security Resources, Videos

Georgia Tech Data Breach: VerSprite Interviewed on Threat Motives

Critical Google Chrome Security Issue
Application Security, Threat & Vulnerability Management

Critical Google Chrome Security Issue

Interactive Simulations: Risk Management That Is Greater Than the Sum of Its Parts
Information Security Management System (ISMS), Integrated Risk Management (IRM)

Interactive Simulations: Risk Management That Is Greater Than the Sum of Its Parts

Why Google Automatic Sign-in is a Privacy Risk
Application Security, Threat & Vulnerability Management

Why Google Automatic Sign-in is a Privacy Risk

Exploitation of Remote WCF Vulnerabilities
Security Awareness, Security Research

Exploitation of Remote WCF Vulnerabilities

The Geopolitical Dimensions of Automating Security
Geopolitical Risk, VerSprite Security Resources, Webinars

The Geopolitical Dimensions of Automating Security

Can You Spot When You’re Being Phished?
Digital Forensics & Incident Response, Threat & Vulnerability Management

Can You Spot When You’re Being Phished?

TLS 1.3 and Major TLS Libraries Vulnerable
Application Security, Security Training

TLS 1.3 and Major TLS Libraries Vulnerable

Vendor Risk: Coverage, Speed, Risk Relevance & Integration
Governance Risk & Compliance

Vendor Risk: Coverage, Speed, Risk Relevance & Integration

PHP 5.6 End of Life (EOL): Upgrade to Stable Version of PHP
Threat & Vulnerability Management

PHP 5.6 End of Life (EOL): Upgrade to Stable Version of PHP

Podcast: Cyber-Geopolitics and the Role of Data
Integrated Risk Management (IRM)

Podcast: Cyber-Geopolitics and the Role of Data

Disappearing Dissidents – Powered by Tech
Integrated Risk Management (IRM)

Disappearing Dissidents – Powered by Tech

VerSprite Earns CREST Certification
Application Security, Information Security Management System (ISMS)

VerSprite Earns CREST Certification

ci cd security, devsecops ci/cd, web app pen testing

Subscribe for Our
Updates

Please enter your email address and receive the latest updates