SECURITY RESOURCES

Offensive minded security exploit development
ERAs are Dead. Long Live the Organizational Threat Model!

ERAs are Dead. Long Live the Organizational Threat Model!

The OTM is a 7-stage process, inspired by the application threat modeling methodology, PASTA, that is applied at an organizational level. Much like application threat models, the intent is to have risks proven by various important contexts – business impact, likelihood, and the effectiveness of native countermeasures (or controls) that help reduce inherent risk levels.

Watch Now
The Process for Attack Simulation and Threat Analysis

Cybersecurity Library, Ebooks & Guides, Threat Modeling, VerSprite Security Resources

The Process for Attack Simulation and Threat Analysis

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

Watch Now
A Look at RACI Models within Application Threat Modeling

A Look at RACI Models within Application Threat Modeling

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Watch Now
Using Risk-Based Threat Modeling to Protect Your Supply Chain

Cybersecurity Library, Ebooks & Guides, Supply Chains, VerSprite Security Resources

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Watch Now
Is Using Public WiFi Safe?

Is Using Public WiFi Safe?

Using public WiFi can leave you and your employees open to man-in-the-middle cyber attacks. With the increase of remote work, organizations must teach their employees how to stay safe on open WiFi networks. Get our tips on how to protect against hackers while on open WiFi networks.

Watch Now

Category

View All
Role of Zero Trust in Future Enterprise Security
VerSprite Security Resources, Webinars

Role of Zero Trust in Future Enterprise Security

Risk Centric Threat Models for Internet of Things (IoT) & Medical Devices
Application Security, Threat Modeling

Risk Centric Threat Models for Internet of Things (IoT) & Medical Devices

Why Threat Hunting Should Be Included in Your Mergers & Acquisitions Playbook
Digital Forensics & Incident Response

Why Threat Hunting Should Be Included in Your Mergers & Acquisitions Playbook

Adding and Using JEA in Your Windows Environment
Data Privacy & Development of Security Policies, Security Operations

Adding and Using JEA in Your Windows Environment

AppSec EU 2017: Modeling Threats for Applications
Threat Modeling, VerSprite Security Resources, Videos

AppSec EU 2017: Modeling Threats for Applications

SSL/TLS Security – A Simplified, Quick Guide
Application Security, Governance Risk & Compliance, Information Security Management System (ISMS)

SSL/TLS Security – A Simplified, Quick Guide

Risk-Centric Application Threat Models
VerSprite Security Resources

Risk-Centric Application Threat Models

Unknown jQuery-File-Upload Vulnerability Used for Years
Threat & Vulnerability Management

Unknown jQuery-File-Upload Vulnerability Used for Years

Risk Centric Application Threat Modeling | NYC OWASP 2016
VerSprite Security Resources

Risk Centric Application Threat Modeling | NYC OWASP 2016

Hospitality Client Hoping to Avoid Controversy
Possible Use Cases, VerSprite Security Resources

Hospitality Client Hoping to Avoid Controversy

Assessing a Potential Mining Project Partner
VerSprite Security Resources

Assessing a Potential Mining Project Partner

Attack Trees Vignettes for Containers as a Service (CaaS) – AppSec EU 2016
Slides & Presentations, VerSprite Security Resources

Attack Trees Vignettes for Containers as a Service (CaaS) – AppSec EU 2016

Attack Trees for Containers as a Service (CaaS)
Slides & Presentations, VerSprite Security Resources

Attack Trees for Containers as a Service (CaaS)

Organizational Threat Models – Atlanta Cyber Security Summit 2016
Slides & Presentations, Threat Modeling, VerSprite Security Resources

Organizational Threat Models – Atlanta Cyber Security Summit 2016

CRESTCON 2019: Threat Modeling for Defense and Offense
Threat Modeling, VerSprite Security Resources, Videos

CRESTCON 2019: Threat Modeling for Defense and Offense

ci cd security, devsecops ci/cd

Subscribe for Our
Updates

Please enter your email address and receive the latest updates