PASTA Threat Modeling
Threat models are often used by security champions to discover flaws in application environments. Many threat models are built thru defensive lens, foregoing realistic attack patterns that reflect adversarial goals vs. simply using a limited, non-mutable threat category.
This presentation revisits both traditional governance best practices that are still invaluable to proper data management and governance efforts, as well as practical technological controls that can support the management of data.
Statistical Findings & Security Metrics
The volume of content available in some investigations can be overwhelming to the point that investigations are slowed and the size of the backlog increases. Learn how to accelerate the investigative process through the use of statistical sampling method.
VerSprite’s Managing Consultant for DFIR provides an adaptive, heuristic approach that has been successfully used to identify compromised assets, rogue accounts, unauthorized software, organizational policy violations and poor security practices.
This presentation covers the various techniques of social engineering cyber criminals use and your organization can protect against them.
PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.
Enterprise Data Security
In this presentation from ARMA 2018 Atlanta, we discuss the reality of and risks around privacy in a digital age.
Data Security Breach
A security breach is becoming more common, but many organizations are challenged when it’s time to make the security breach announcement plan. Review steps that may be taken before the breach to streamline the announcement and notification process.
Android Mobile Security
On the shoulders of giants, this presentation will take a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode.
PCI DSS Compliance
In this presentation, we share our Point-of-Sale security research presented at BSides ATL 2018, which has revealed many concerns involving the secure development of payment applications.
you might be wondering what in the world XML External Entity (XXE) processing is and how it pulled the number four spot of most critical web application security risks. Also, according to OWASP it’s an issue that is “not commonly tested as of 2017.” Don’t panic – here’s a quick rundown of what it is and why you should care.
This presentation details examples in applying the PASTA (Process for Attack Simulation & Threat Analysis) threat modeling methodology.
We are an international squad of professionals working as one.
Copyright 2018 VerSprite - All Rights Reserved