Tune into our follow-up discussion on the SolarWinds’ supply chain attack. (Watch part one here.) In this episode, our cybersecurity consultants discuss, debate and decode the information that has come out since our original response video to the FireEye breach. We introduce the idea of having a company zero trust policy for vendors and software, as well as how to use organizational threat models to determine your current security risks. Our consultants also discuss the risks and benefits of disclosing what gets patched and whether cybercrinimals can use this as a checklist for future attacks.
Inside the Podcast:
VerSprites approach to threat modeling provides a risk-based approach that is backed by evidence. VerSprite’s security experts correlate real threats to your attack surface of application components and identify risk by first understanding the context of what the software or application is intended to do for the business or its clients. We also conduct exploitation tests that support threat motives within the model to validate whether they are probabilistic. Correlating viability with sustained impact allows this methodology to resonate as a highly effective risk-focused threat modeling approach. Learn how we can tailor our threat modeling approach to fit your overall organization’s security needs. Learn more →