SECURITY RESOURCES

Offensive minded security exploit development
What is Threat Modeling?

Threat Modeling

What is Threat Modeling?

A common question asked by people new to the specifics of cybersecurity. Threat modeling is a practical measure used to protect your business’ data and networks from cyber threats and attacks.

Read About Threat Modeling
A Pasta Threat Modeling Solution for Complex Cybersecurity Tasks

A Pasta Threat Modeling Solution for Complex Cybersecurity Tasks

PASTA is not a complicated static framework. It’s an agile methodology that breaks down and solves complex cybersecurity tasks, allows scaling, and evolves with the cybersecurity landscape and business goals.

Read About PASTA
The Process for Attack Simulation and Threat Analysis

Cybersecurity Library, Ebooks & Guides, Threat Modeling, VerSprite Security Resources

The Process for Attack Simulation and Threat Analysis

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

Download eBook
Threat Modeling: A Comprehensive Guide

Threat Modeling: A Comprehensive Guide

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Learn About Threat Modeling
Using Risk-Based Threat Modeling to Protect Your Supply Chain

Cybersecurity Library, Ebooks & Guides, Supply Chains, VerSprite Security Resources

Using Risk-Based Threat Modeling to Protect Your Supply Chain

Why are supply chains a popular target for cybercriminals? VerSprite CEO, Tony UcedaVélez, introduces our risk-based threat modeling approach, PASTA, and how it allows organizations to better protect their supply chain software from threat actors.

Read About Risk-Based Threat Modeling
Attacking Your Assumptions: How Criminal Tactics Can Save Your Organization

Attacking Your Assumptions: How Criminal Tactics Can Save Your Organization

In this article, VerSprite's Offensive Security team explore the difference between common security risk assessments (vulnerability assessment, penetration testing, and red teaming) as we walk you through real exploits we have used to test organizations' security protocols.

Read About Criminal Tactics

Category

View All
Grey Box Application Testing: What It Is and Why You Need It
Application Security, OffSec

Grey Box Application Testing: What It Is and Why You Need It

VerSprite and AppSecEngineer Partner to Operationalize Security Training
Security Training

VerSprite and AppSecEngineer Partner to Operationalize Security Training

Nordstream Pipelines Attacks
Integrated Risk Management (IRM), News

Nordstream Pipelines Attacks

Envisions Geopolitical Threat Report:
eBook, Integrated Risk Management (IRM)

Envisions Geopolitical Threat Report:

Turn Data *Mis*Management into Data Security
Data Privacy & Development of Security Policies, Governance Risk & Compliance

Turn Data *Mis*Management into Data Security

Domain Spoofing and Phishing Attacks
Governance Risk & Compliance, Security Awareness

Domain Spoofing and Phishing Attacks

PCI DSS 4.0: What You Need to Know and What You Need to Do
OffSec, Regulatory Compliance

PCI DSS 4.0: What You Need to Know and What You Need to Do

AI and Cybersecurity: Threats and Opportunities
OffSec

AI and Cybersecurity: Threats and Opportunities

Welcome to The World of Geopolitics and Cybersecurity!
eBook, Integrated Risk Management (IRM)

Welcome to The World of Geopolitics and Cybersecurity!

Why Bad Guys Do Bad Things: How Maslow’s Hierarchy of Needs Can Help Identify Cyber Threats
Threat Intelligence

Why Bad Guys Do Bad Things: How Maslow’s Hierarchy of Needs Can Help Identify Cyber Threats

Analyzing the State of Cybersecurity at the End of 2022
eBook, Integrated Risk Management (IRM), Security Awareness

Analyzing the State of Cybersecurity at the End of 2022

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command
Application Security, Security Research

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command

Printer Spooler Bug Research
Security Research, Threat & Vulnerability Management

Printer Spooler Bug Research

Digital AdTech Firm’s CTO Focuses on Strategic Cybersecurity Alliances to Build Resiliency for Digital Turbine
Red Teaming and Social Engineering, VerSprite Security Resources

Digital AdTech Firm’s CTO Focuses on Strategic Cybersecurity Alliances to Build Resiliency for Digital Turbine

Windows Kernel Drive Vulnerability Research:  CVE-2020-17087
Security Research, Threat & Vulnerability Management

Windows Kernel Drive Vulnerability Research:  CVE-2020-17087

ci cd security, devsecops ci/cd, web app pen testing

Subscribe for Our
Updates

Please enter your email address and receive the latest updates