Application Security Development Lifecycle 5A: Is Threat Modeling Right For You?

Several enterprises are increasingly investing time and money in building application security tasks into their existing SDLCs. Some of them have also reached the conclusion that proactive approaches , like threat modeling, have more ROI than reactive approaches. As a result, some enterprises with nascent appsec programs have turned to threat modeling as a panacea…

0

Front Range web application security summit in Denver

I will be speaking at the Front Range OWASP Conference (FROCo8) in Denver on June 10th. The focus of the conference to share the experiences that the speakers had around solving technical and management issues surrounding application security. I’ll be sharing the podium with luminaries like Ed Bellis, Jeremiah Grossman, Melissa Tondi, Laz, Mike Walter…

0

Threat Modeling – Sanity Check List

  Hi, I am Sagar Joshi and I work with the ACE Services Team. There is a lot of awareness building around TAM – Threat Analysis and Modeling tool developed by ACE. I have come across practitioners from various disciplines who want to start doing threat modeling to get an idea about the possible threat…

2

What would you like the ACE team to discuss on Channel 9?

The ACE Team is going to be doing a Channel 9 video with Robert Scoble!  (Thanks Robert! 🙂  We’ll get a chance to discuss what we do and how we do it.  We’ll also be spending time talking about our threat modeling process and tool (more info as always on our threat modeling blog).  But…

0

Threat Analysis & Modeling Launch

Over the past several years, the ACE Team has developed and matured a threat modeling methodology for the implementation of software.  We’ve recently started a separate blog for threat modeling & I’d like to invite you to check it out and keep watching it for more details as we get ready to launch version 2.0…

3