Home | VerSprite Resources

Security Controls

We are passionate about helping our clients chart a course that brings security and business together.

7 Stages of PASTA Threat Modeling | VerSprite Cyber Security

Blog Post

Organizational Threat Model

What is PASTA Threat Modeling?

PASTA threat modeling is a leading threat model methodology that allows you to realize an attacker’s motivations, perform risk analysis, and prioritize risks based on their business impact. This article breaks down all seven stages of the process.

Learn more

Blog Post

Continuous Integration & Continuous Delivery (CI/CD)

DevSecOps: Automating Security Testing in a CI/CD Pipeline

In this tutorial, VerSprite’s DevOps team walks you through how to automate SAST into your CI/CD pipeline

Learn more

Blog Post

Companies Using VMware ESXi Are Being Targeted by Ransomware

Companies using VMware ESXi are being targeted by ransomware-as-a-service, resulting in encrypted virtual hard drives. Learn the business impact of this attack and get mitigation recommendations from VerSprite’s Threat Intelligence Group.

Learn more

software development security

Ebook

Web Application Security

Integrating Security into DevOps

This guide builds on the introduction of “Security as Code”. As expected, this is the automation of security checks and gates via code and integrated into the overall DevOps process again following software engineering practices.

Learn more

Automated building, testing and deploying applications gives the consistency and velocity needed to support your customers with continuous updates. This level of automation provides an opportunity for including security best practices into the Software Development Life Cycle (SDLC).

Webinar

General Data Protection Regulation (GDPR)

How DevSecOps Efforts Are Changing How We Govern Security Controls

The rise of regulations and demand for more agile engineering practices is forcing CISOs and security programs to develop more sophisticated ways to adhere to security requirements from regulations, internal governance, and clients.

Learn more

Managing Cloud Infrastructure Cloud Security Risk

Ebook

Security Controls

VerSprite’s Guide to Managing Cloud Security Risk

Use of public cloud infrastructure is now commonplace with nearly $60 billion spent annually. Of course, there are good reasons for this as Infrastructure and Platform as a Service provide several advantages over traditional in-house hosting. VerSprite shares key principles that will help you manage your cloud security risk.

Learn more

Shifting Security Left

Webinar

Security Controls

Shifting Security Left: Why You Shouldn’t Wait to Apply Security Controls

DevSecOps efforts are changing how we govern security controls via greater automation tools that are readily available to leverage. Watch this webinar to discover how to “shift left” in terms of implementing critical security controls during the pre-implementation phases of the Software Development Life Cycle (SDLC).

Learn more

Risk-Based Threat Modeling

Blog Post

Organizational Threat Model

Threat Models as Blueprints for Threat Intelligence, Threat Data

At this point, Organizational Threat Models are not something that snap on as a plugin to a SIEM or threat intel subscription feed, but something that can be instead used to train SOC analysts on how to think in the trenches when triaging security events and incidents.

Learn more

Infrastructure as Code

Blog Post

Web Application Security

How to Approach Integrating Application Security into Your SDLC

In this blog post we will take a deeper dive into exactly how to approach integrating security into your Software Development LifeCycle (SDLC). In addition, we will delve into one available resource that provides guidance on how to get started.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos