Home | VerSprite Resources

Security Controls

We are passionate about helping our clients chart a course that brings security and business together.

Cyber crime

Blog Post

Web Application Security

Why Bad Guys do Bad Things:

In this briefing, VerSprite’s Threat Intelligence Team covers “Why Bad Guys do Bad Things?” and why Threat Intelligence Analysts should possess the knowledge of who threat actors are and what drives their criminality.

Learn more

Insider Threats

Blog Post

Analyzing the State of Cybersecurity

In this blog, we look back at how the cybersecurity landscape has drastically changed in 2022, what influenced the uptick in cybercrime, and what you need to be aware of to better prepare for the coming year. Our Envisions is a leading threat report, produced by the VerSprite team of cybersecurity analysts, that encompasses cyber trends and geopolitical themes to provide the best expert overview of the state of cybersecurity.

Learn more

RACI PASTA THREAT MODELING

Blog Post

Web Application Security

A Look at RACI Models within Application Threat Modeling

In this model, you will see engineers, network professionals, developers, architects, business analysts, project managers, security champions, pentesters, and quality assurance engineers. Because they all have some level of involvement and collaboration at different stages of application, as well as organizational, threat modeling ensures effective results.

Learn more

organizational threat

Blog Post

Process for Attack Simulation & Threat Analysis

Operationalizing CISA Alerts with Threat Models for Effective Cybersecurity

In this blog, we’ll exemplify how to leverage a threat advisory, revealing CVE alerts from Cybersecurity and Infrastructure Security Agency (CISA) and see how such alerts could be operationalized into an organizational threat model so that such alerts and helpful advisories can get contextually made relevant to an organizational threat model.

Learn more

PASTA THREAT MODELING

Blog Post

Organizational Threat Model

Risk-Centric Threat Models as Blueprints to Operationalizing Cybersecurity

At this point, Organizational Threat Models are not something that snap on as a plugin to a SIEM or threat intel subscription feed, but something that can be instead used to train SOC analysts on how to think in the trenches when triaging security events and incidents.

Learn more

Threat Modeling Within Software Development Lifecycle (1)

Blog Post

Web Application Security

Threat Modeling Within Software Development Lifecycle

In this blog post we will take a deeper dive into exactly how to approach integrating security into your Software Development LifeCycle (SDLC). In addition, we will delve into one available resource that provides guidance on how to get started.

Learn more

7 Stages of PASTA Threat Modeling | VerSprite Cyber Security

Blog Post

PASTA Threat Modeling

What is PASTA Threat Modeling?

PASTA threat modeling is a leading threat model methodology that allows you to realize an attacker’s motivations, perform risk analysis, and prioritize risks based on their business impact. This article breaks down all seven stages of the process.

Learn more

Blog Post

Continuous Integration

DevSecOps: Automating Security Testing in a CI/CD Pipeline

In this tutorial, VerSprite’s DevOps team walks you through how to automate SAST into your CI/CD pipeline

Learn more

Blog Post

Organizational Threat Model

Companies Using VMware ESXi Are Being Targeted by Ransomware

Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite’s Threat Intelligence Group.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos