SECURITY RESOURCES

Offensive minded security exploit development
ERAs are Dead. Long Live the Organizational Threat Model!

ERAs are Dead. Long Live the Organizational Threat Model!

The OTM is a 7-stage process, inspired by the application threat modeling methodology, PASTA, that is applied at an organizational level. Much like application threat models, the intent is to have risks proven by various important contexts – business impact, likelihood, and the effectiveness of native countermeasures (or controls) that help reduce inherent risk levels.

Watch Now
The Process for Attack Simulation and Threat Analysis

Cybersecurity Library, Ebooks & Guides, Threat Modeling, VerSprite Security Resources

The Process for Attack Simulation and Threat Analysis

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

Watch Now
A Look at RACI Models within Application Threat Modeling

A Look at RACI Models within Application Threat Modeling

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Watch Now
Using Risk-Based Threat Modeling to Protect Your Supply Chain

Cybersecurity Library, Ebooks & Guides, Supply Chains, VerSprite Security Resources

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Watch Now
Is Using Public WiFi Safe?

Is Using Public WiFi Safe?

Using public WiFi can leave you and your employees open to man-in-the-middle cyber attacks. With the increase of remote work, organizations must teach their employees how to stay safe on open WiFi networks. Get our tips on how to protect against hackers while on open WiFi networks.

Watch Now

Category

View All
Navigating the SEC’s 4-Day Disclosure Requirement: A Comprehensive Guide for CISOs 
Governance Risk & Compliance, In The News, Regulatory Compliance

Navigating the SEC’s 4-Day Disclosure Requirement: A Comprehensive Guide for CISOs 

The Advancement of AI in Cybersecurity: What You Need to Know 
In The News, Threat & Vulnerability Management

The Advancement of AI in Cybersecurity: What You Need to Know 

Software Composition Analysis: The Changing Role of SCA
DevSecOps, Software Composition Analysis

Software Composition Analysis: The Changing Role of SCA

8 Weeks Later: Lessons Learned from the MOVEit Vulnerability
Digital Forensics & Incident Response, Governance Risk & Compliance, Risk Assessments, Security Testing, Supply Chains, Threat & Vulnerability Management, Threat Intelligence, Threat Modeling

8 Weeks Later: Lessons Learned from the MOVEit Vulnerability

Proactive Malware Threat-Hunting: Benefits, Techniques, and Trends
Threat & Vulnerability Management

Proactive Malware Threat-Hunting: Benefits, Techniques, and Trends

Virtual Security Solution for Your Organization – VerSprite VSOC 
Threat & Vulnerability Management, Threat Modeling

Virtual Security Solution for Your Organization – VerSprite VSOC 

Determining Impact and Probability in Risk-Centric Threat Modeling (With PASTA) 
Threat & Vulnerability Management, Threat Modeling

Determining Impact and Probability in Risk-Centric Threat Modeling (With PASTA) 

Ransomware Recovery – 5 Action Items Missing from Your Plan
Security Operations, Threat Intelligence, Threat Modeling

Ransomware Recovery – 5 Action Items Missing from Your Plan

Application Pen Testing Black, Grey, and White Box Testing
Application Security, Penetration Testing

Application Pen Testing Black, Grey, and White Box Testing

Cyberattack Readiness Checklist
Threat & Vulnerability Management

Cyberattack Readiness Checklist

Transforming Security: Mercury Financial Implements Zero Trust with VerSprite
Case Study, VerSprite Security Resources

Transforming Security: Mercury Financial Implements Zero Trust with VerSprite

DevSecOps: Your Secret Weapon Against Supply Chain Attacks
DevSecOps, In The News, Supply Chains, Threat & Vulnerability Management

DevSecOps: Your Secret Weapon Against Supply Chain Attacks

Translating Preventative Risk Mitigation to ROI 
Governance Risk & Compliance

Translating Preventative Risk Mitigation to ROI 

The Rise of AI in Cybersecurity: Expert Insights on the Benefits and Challenges of ChatGPT
Security Awareness

The Rise of AI in Cybersecurity: Expert Insights on the Benefits and Challenges of ChatGPT

Grey Box Application Testing: What It Is and Why You Need It
Application Security, OffSec

Grey Box Application Testing: What It Is and Why You Need It

ci cd security, devsecops ci/cd

Subscribe for Our
Updates

Please enter your email address and receive the latest updates