Organization Threat Models | VerSprite Application Threat Modeling Organization Threat Models | VerSprite Application Threat Modeling

Home  |  Resources  |  Threat Modeling

Fixing Threat Models with OWASP Efforts

Written By: Tony UcedaVélez

< Back to Blog Home

Why Organizations Should Reboot Their Approach to Threat Modeling

Global organizations have been working off of a broken or non-existent threat model. Distracted with compliance, plagued with undefined attack surfaces, a deluge of inoperable threat intel, risk distortions, and made complacent by a sea of controls, *Sec practitioners should feel compelled to reboot their approach.

Applying Security Through Measurable Technology

This talk exemplifies how key OWASP projects can truly bootstrap the smallest of *Sec groups to make a measurable impact to applying security through measurable technology in lieu of security smokescreens that plague our industry.

Hear an OWASP commission for change and hear how an OWASP security mesh can exemplify a model that can be imitated by audience members to apply to their own respective security programs and overall companies.

PASTA Threat Modeling

Risk Centric Threat Modeling:
Process for Attack Simulation and Threat Analysis

VerSprite leverages our PASTA (Process for Attack Simulation & Threat Analysis) methodology to apply a risk-based approach to threat modeling. This methodology integrates business impact, inherent application risk, trust boundaries amongst application components, correlated threats, and attack patterns that exploit identified weaknesses from the threat modeling exercises.

Learn More →

We are an international squad of professionals working as one.