SECURITY RESOURCES

Offensive minded security exploit development
ERAs are Dead. Long Live the Organizational Threat Model!

ERAs are Dead. Long Live the Organizational Threat Model!

The OTM is a 7-stage process, inspired by the application threat modeling methodology, PASTA, that is applied at an organizational level. Much like application threat models, the intent is to have risks proven by various important contexts – business impact, likelihood, and the effectiveness of native countermeasures (or controls) that help reduce inherent risk levels.

Watch Now
The Process for Attack Simulation and Threat Analysis

Cybersecurity Library, Ebooks & Guides, Threat Modeling, VerSprite Security Resources

The Process for Attack Simulation and Threat Analysis

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

Watch Now
A Look at RACI Models within Application Threat Modeling

A Look at RACI Models within Application Threat Modeling

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Watch Now
Using Risk-Based Threat Modeling to Protect Your Supply Chain

Cybersecurity Library, Ebooks & Guides, Supply Chains, VerSprite Security Resources

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Watch Now
Is Using Public WiFi Safe?

Is Using Public WiFi Safe?

Using public WiFi can leave you and your employees open to man-in-the-middle cyber attacks. With the increase of remote work, organizations must teach their employees how to stay safe on open WiFi networks. Get our tips on how to protect against hackers while on open WiFi networks.

Watch Now

Category

View All
US Company Exploring FinTech
Geopolitical Risk, Possible Use Cases, VerSprite Security Resources

US Company Exploring FinTech

Modernizing the Telecommunications Industry
Geopolitical Risk, Possible Use Cases, VerSprite Security Resources

Modernizing the Telecommunications Industry

Risk Centric Threat Modeling: AppSec, Risk, Compliance Convergence | CSX North American Conference
Slides & Presentations, VerSprite Security Resources

Risk Centric Threat Modeling: AppSec, Risk, Compliance Convergence | CSX North American Conference

Healthcare Threat Modeling Vignettes
Slides & Presentations, Threat Modeling, VerSprite Security Resources

Healthcare Threat Modeling Vignettes

Medical Record Retention Across States (HIPAA / HITECH)
Governance Risk & Compliance, Information Security Management System (ISMS), Regulatory Compliance

Medical Record Retention Across States (HIPAA / HITECH)

WD My Cloud Command Injection – Access All Private Folders
Cloud Security, VerSprite Security Resources, Videos

WD My Cloud Command Injection – Access All Private Folders

Command Injection in the WD My Cloud NAS
Application Security, Cloud Security, Information Security Management System (ISMS)

Command Injection in the WD My Cloud NAS

WD My Cloud Command Injection – Remote Root with WebRTC
Cloud Security, VerSprite Security Resources, Videos

WD My Cloud Command Injection – Remote Root with WebRTC

Anti-Nausea Medicine for LastPass, Password Management FUD
Application Security, Governance Risk & Compliance, Information Security Management System (ISMS), Regulatory Compliance

Anti-Nausea Medicine for LastPass, Password Management FUD

Why Threat Free Threat Modeling Doesn’t Work
Application Security, Threat Modeling

Why Threat Free Threat Modeling Doesn’t Work

Assessing Emerging JavaScript Platforms with Express.js and Node.js – What to Look For
Application Security, Information Security Management System (ISMS)

Assessing Emerging JavaScript Platforms with Express.js and Node.js – What to Look For

Security Metrics Rehab – Part One
Governance Risk & Compliance, Information Security Management System (ISMS)

Security Metrics Rehab – Part One

PASTA Threat Modeling – One Day Training
Slides & Presentations, VerSprite Security Resources

PASTA Threat Modeling – One Day Training

The Truth About Chinese Hardware Implants
Threat & Vulnerability Management

The Truth About Chinese Hardware Implants

Addressing Cybercrime via PASTA Threat Modeling
Slides & Presentations, Threat Modeling, VerSprite Security Resources

Addressing Cybercrime via PASTA Threat Modeling

At VerSprite Cybersecurity Consulting Services we build tailored engagements for you.

Subscribe for Our
Updates

Please enter your email address and receive the latest updates