IriusRisk’s Post

Over the weekend I finally completed some reading on threat modelling that I started weeks ago. This included The Threat Modeling Manifesto. I like the succinct best practice guidance that the manifesto provides, guiding on how to do threat modelling with your team regardless of which tools and techniques you are using, through defining values, principles, patterns and anti-patterns for teams to use (or avoid in the case of the anti-patterns). I’m looking forward to putting this into practice and exploring some new techniques to use. Anyway, now back to my CAPSLOCK pre-reading … #ThreatModeling

The first Threat Modeling Insider of 2025 is here! 🤩 We’re excited to bring you another year filled with valuable Threat Modeling insights, and we’re kicking off 2025 with a bang! In our guest article, Jeroen Verwoest explains how you can enhance your penetration tests using threat modeling techniques. Meanwhile, our Toreon blog post covers Risk Patterns, with Sebastien Deleersnyder discussing their potential and how they can boost your threat models. That's just the beginning—here's a complete overview of this month's edition: 📍Guest Article: How to Enhance Your Pentest Using Threat Modeling, by Jeroen Verwoest 📍Toreon blog: Risk Patterns, Your Secret Weapon for Smarter Threat Modeling, by Sebastien Deleersnyder 📍OWASP TOP 10 for LLM Applications 2025 📍Steven Wierckx’s Choice: The Best Threat Modeling Talk of 2025 📍Tips & tricks: Threat composer workspace Happy reading! https://lnkd.in/eS6PVG2J #toreon #tmi #threatmodeling #threatmodelingnewsletter

Driving adoption for threat modeling processes can be a big job, but there are ways to advance this and create advocates within your organization to make it successful. Learn more in this great blog from @John Taylor for some actionable advice to drive your adoption and take your initiative forward. https://hubs.ly/Q02Q5MRS0 #threatmodeling #threatmodelingtools #trainingmodels #securitychampions #processes

Hi All, Threat modeling tool "Stridegpt. streamlet is explained in this video. Tool link:- https://lnkd.in/gwzR7ZdA Please refer video https://lnkd.in/gYrWX42z The video is raw and not edited much. I hope you all will like it in the same form. 😊 #cio #cto #ciso #cro #risk #threatmodelling Note: The video is only for awareness purposes; please read the tool's guidelines on authenticated sources and understand the risk/cost before use.

💥 Threat Modeling Digital Credentials with  Ben Laurie's Properties. ⛓️💥 Part of the high-level Threat Model we are working on at W3C is the links between Minimal and Unlinkable. 🛡️ Principles/objectives can often be useful for modeling as well. #websecurity #threatmodeling #digitalidentities

This ReversingLabs blog post shares five ways organizations can marry threat modeling with binary analysis to get ahead of risk. #AppSec #ThreatModeling #SoftwareSupplyChainSecurity

The latest Threat Modeling Insider is here! This edition, we’re skipping our usual guest article to focus on the upcoming ThreatModCon in Lisbon! The brightest minds in the threat modeling space are ready to collaborate, learn, and upskill together, and you can still register for the event. But that’s not all of course, let’s take a look at what else we have in store for this month’s edition: 📍ThreatModCon 2024 Lisbon is coming in 20 days! 📍Curated content: MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices 📍Curated content: OWASP® Foundation Top 10 for LLM Applications 📍Toreon blog: Threat Modeling Playbook Part 5 - Innovate with threat model technology 📍Tips & tricks: Secure from the Start: Integrate Continuous Threat Modeling 📍An update on our upcoming training sessions https://lnkd.in/e9NjxrDA #toreon #TMI #threatmodeling #newsletter

Threat modeling is a key tool for identifying and mitigating potential security threats early in your project lifecycle. Enclosed a course created by 😷 Adam Shostack A Podcast episode about threat modeling https://lnkd.in/dxeKaVbV Are you prioritizing it? ---------- 🔍 Follow The ITSM Practice Podcast on LinkedIn for daily insights on ITSM and IT Security. 🎧 Check out The ITSM Practice Podcast on Spotify: https://lnkd.in/dJh7UnzC #itil #itsecurity 

Explore uncommon aspects of #NTLM relaying with Kevin Murphy, Technical Lead, Threat & Attack Simulation at @GuidePoint and uncover advanced attack opportunities. Discover more in the full blog post at https://okt.to/aPkuw0 #AuthenticationTechnology #NetworkSecurity #DataSecurity

Learned threat modelling and the methodology of Advanced Persistent Threats