Publish-Subscribe Threat Modeling
How to threat model in a publish-subscribe environment with the STRIDE threat modeling method.
Read Article
Security Compass Blog
Learn about what's happening in software development and application security.
-
-
Research Study Results: US Government Agencies Face Numerous Challenges Balancing Software Security & Time to Market Demands
Research Study Results: US Government Agencies Face Numerous Challenges Balancing Software Security & Time to Market Demands
Read Article
-
Cloud Computing Trends: The State of Cloud Adoption in 2021
Cloud usage among enterprises continues its upward trends, outpacing the fast-growth expectations of only just a few years ago.
Read Article
-
Check Out Upcoming Events & Webinars!
Learn More -
Data Flow Diagrams and Threat Modeling
Threat modeling is not a new concept. However, it would serve us well if we examined where we are today compared to the past. Or more precisely, have we improved?
Read Article
-
Threat Modeling: An Essential Cornerstone of DevSecOps Culture
Threat modeling as a proactive practice in software development can help prevent many data breaches. Let's learn about the current state of threat modeling.
Read Article
-
How to Transition from PA-DSS to PCI Software Security Framework
Back in 2019, the PCI Security Standard Council replaced the PA-DSS program with the new PCI SSF. Let's learn how you can make your transition smooth.
Read Article
-
Improving Cybersecurity: Impact of the U.S. Executive Order
Last month, the Biden administration signed an Executive Order to improve cybersecurity. One aim of the new order is to regulate what the government considers reasonable security practices.
Read Article
-
U.S. Federal Government Agencies: SD Elements Embeds Cybersecurity Training Into DevSecOps
Cybersecurity training programs for developers help build a culture of security in your organization as well as raise awareness about secure coding best practices.
Read Article
-
How the Financial Industry Can Prepare for Cyber Threats of the Future
Learn about the latest cybersecurity threats to the financial sector and the importance of implementing new tech with an approach of security by design.
Read Article
-
NIST 800-53 Revision 5: Preparing for Transition and Ensuring Compliance
After years of anticipation, the NIST SP 800-53 Rev. 5 was released in 2020. Let's learn how federal information systems can ensure compliance with these security controls.
Read Article
-
Building the Next Generation of Cybersecurity Consultants: An Interview with Manny Mand
What does it take to grow the next generation of cybersecurity consultants? Manny Mand discusses his cybersecurity journey and role at Hackers for Change.
Read Article
-
Confronting Common Container Security Vulnerabilities
Containers are transforming how businesses deploy and use applications. Find out how you can defend your business against common container security risks.
Read Article
-
Penetration Testing at the Speed of Agile
When penetration testing in Agile, yearly is not enough. Learn how continuous penetration testing leads to cost savings, time savings, and more secure software.
Read Article
-
SD Elements Meets the U.S. DoD Iron Bank Security Requirements
SD Elements is now available in the U.S. DoD Platform One Iron Bank repository which contains authorized container images hardened to the department’s exacting specifications.
Read Article
-
Secure Your Software Build Operations
What secures (or fails to secure) your business does not depend on written policies. It depends on what your development team is doing day in and day out.
Read Article
-
TimeGap Theory: Testing for TOCTOU Issues in Web Applications
Your security and development teams should know how to identify and mitigate TOCTOU vulnerabilities. Learn why, and learn how, to test for them in this new book.
Read Article
-
How to Build Custom Red Team Testing Tools in C++
A conversation with Steven Patterson about his eBook, which teaches red team testing professionals how to start building Command and Control tools in C++.
Read Article
-
The 2021 State of DevSecOps: Challenges and Drivers
In our survey, we found a rising trend toward the adoption of DevSecOps over the last year.
Read Article
-
Survey: The 2021 State of DevSecOps
Last year was challenging, but it also presented a great opportunity for organizations to address cybersecurity in scalable ways. Let's learn where security is headed in 2021.
Read Article
-
Cloud versus Traditional Security: Protecting Your Data & Systems
To stay secure while embracing the cloud, your organization will need a security program that takes into account the differences between cloud and traditional security.
Read Article
-
Loading More...
