Concerns about software security have been with us since the early days of modern computing. Within software security, we have used threat modeling as a security activity to analyze meaningful threats ...

Threat Abstraction and Modeling is an important piece of planning in the enterprise as it can be used as an approach to better secure software. Threat Abstraction and Modeling is an important piece of ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. This article introduces practical methods for ...

The MITRE ATT&CK framework, launched in 2015, has become the de facto method for cataloging attacks and understanding an organization's defensive capabilities. This information is also useful to risk ...

In a world where cyber threats continue to grow in complexity and quantity each year, threat modeling is one of the most advantageous and practical tools organizations can use to shore up security.

Application threat modeling has gotten a bad rap over the years. Security leaders looking to implement application threat modeling with their product teams must contend with stakeholders who see it as ...