BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage Threat Modeling Content on InfoQ

Articles

RSS Feed
  • Strategies for Assessing and Prioritizing Security Risks Such as Log4j

    The evolving threat landscape requires a comprehensive approach to mitigation. An effective strategy is built on visibility, assessing vulnerabilities in context, effective use of filtering technologies, and monitoring for evidence of intrusion.

  • Insights into the Emerging Prevalence of Software Vulnerabilities

    The software exploit landscape is constantly evolving and organizations need to be structured to stay ahead of these risks. A solid platform built on software best practices, education, and a good understanding of the threat landscape is critical to a strong defensive posture.

  • Three Major Cybersecurity Pain Points to Address for Improved Threat Defense

    Three pain points every company must address when addressing cybersecurity include threat volume and complexity, a growing cybersecurity skills gap, and the need for threat prioritization. This article describes each of these in some detail, and includes recommendations for corporations to deal with them.

  • UED: The Unified Execution Diagram

    Today’s software applications have a lot of concurrent tasks that are distributed over multiple threads, processes, processors and PCs. This article introduces a visual modeling technique to describe and specify the application’s execution architecture. Within Philips Healthcare the Unified Execution Diagram has proven to be very useful for designing and documenting the execution architecture.

  • How to Start With Security

    Computer security, or the lack thereof, has made many headlines recently. In this article we'll look at how bad things are and what you, as a software developer, can do about it. It will help get you started or hopefully give you some new ideas if you're already doing some security work.

  • Developer-Driven Threat Modeling

    Threat modeling is critical for assessing and mitigating the security risks in software systems. In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach to identify threats using the dataflow diagrams.

  • Resilient Security Architecture

    In this IEEE article, author John Diamant talks about how to improve security quality of software applications using a proactive approach with techniques like Security requirements gap analysis and Architectural threat analysis in the early phases of software development life cycle.

BT