Monday, December 11, 2023

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Bloggers Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Hot Topics

iOS 17 NameDrop Debunking, Real World QR Code Attacks, Impact of Ransomware on Hospitals
DEF CON 31 XR Village - Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’
Navigating an AI-Enhanced Landscape of Cybersecurity in 2024: A Proactive Approach to Phishing Training in Enterprises
The SOC 2 Compliance Checklist for 2023
2023 Cyber Review: The Year GenAI Stole the Show

Application Security Events Security Bloggers Network

Home » Cybersecurity » Application Security » OWASP APPSEC Cali 2018, Brook Schoenfield’s ‘Lessons From The Threat Modeling Trenches’

OWASP APPSEC Cali 2018, Brook Schoenfield’s ‘Lessons From The Threat Modeling Trenches’

by Marc Handelman on April 27, 2018

Sponsorships Available

*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://youtu.be/DEVt1Adybvs

April 27, 2018April 27, 2018 Marc Handelman Application Security, Conferences, education, Information Security, owasp

← Security and Privacy Awareness in the Age of Facebook
Why Are You Still Using IE? Double Kill Is Just the Latest Issue →

Techstrong TV – Live

Click full-screen to enable volume control

Watch latest episodes and shows

Upcoming Webinars

Mon 11

How Boundless Software Accelerated Customer Onboarding With Calico Cloud and Amazon EKS

December 11 @ 11:00 am - 12:00 pm

Mon 11

API Security

December 11 @ 1:00 pm - 2:00 pm

Thu 14

AWS Immersion Day: Securing Your Infrastructure-as-Code With Snyk and HashiCorp

December 14 @ 1:00 pm - 3:00 pm

Tue 19

Best Practices to Secure and Protect Modern Software Applications

December 19 @ 9:00 am - 10:00 am

Jan 17

Transformative Benefits of Automated Dependency Updates for Your Applications

January 17, 2024 @ 9:00 am - 10:00 am

Feb 12

Ransomware

February 12, 2024 @ 1:00 pm - 2:00 pm

Mar 11

Securing Open Source

March 11, 2024 @ 1:00 pm - 2:00 pm

May 20

Zero-Trust

May 20, 2024 @ 1:00 pm - 2:00 pm

Subscribe to our Newsletters

Most Read on the Boulevard

Russian-Backed Hackers Target High-Value US, European Entities

Use Windows 10? You Must PAY for Security

In Pursuit of a Passwordless Future

5 Security Benefits of Application Mapping

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

Top Characteristics of a QR Code Phishing Email

Top Security Trends and Predictions for 2024

Taking a Proactive Approach to Mitigating Ransomware Part 1: You Can’t Neglect the Application Layer

Developers behaving badly: Why holistic AppSec is key

Enhancing Executive Cyber Health: BlackCloak’s Personalized Security Solutions

Download Free eBook

The State of Cloud Native Security 2020

Industry Spotlight

Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics Digital Transformation Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

December 8, 2023 Richi Jennings | 2 days ago 0

Cybersecurity Data Security DevOps Endpoint Featured Industry Spotlight Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Vulnerabilities

CISA to Developers: Adopt Memory Safe Programming Languages

December 7, 2023 Jeffrey Burt | 3 days ago 0

Cloud Security Cybersecurity Data Security DevOps Featured Industry Spotlight IoT & ICS Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

Dragos Offers Free OT Security Tools to Small Utilities

December 7, 2023 Jeffrey Burt | 3 days ago 0

Top Stories

Cybersecurity Data Security Endpoint Featured Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

December 8, 2023 Jeffrey Burt | 2 days ago 0

Analytics & Intelligence Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access News Security Boulevard (Original) Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities

Identity Fraud Rises as E-Commerce, Payment Firms Targeted

December 8, 2023 Nathan Eddy | 2 days ago 0

Application Security Cloud Security Cybersecurity Data Security Identity & Access Malware Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches

CISA: Hackers Use ColdFusion Flaw to Breach Federal Agency

December 6, 2023 Jeffrey Burt | 4 days ago 0

Security Humor

Randall Munroe’s XKCD ‘Compact Graphs’

Randall Munroe’s XKCD ‘Compact Graphs’

Join the Community

Add your blog to Security Bloggers Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: [email protected]

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2023 Techstrong Group Inc. All rights reserved.

Cloud Workload Resilience PulseMeter

Step 1 of 8

12%

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)

The ability to recover from failures, high loads and cyberattacks.

Continue servicing workload requests during the recovery of failed components or services.

Implementing security measures to protect cloud workloads from cybersecurity threats like DDoS.

Maintaining uninterrupted service in the face of software, infrastructure and network failures or disruptions.

Designing cloud workloads to adapt to sudden changes in demand automatically.

Regularly performing backups to prevent data loss and enable quick recovery in case of failures.

Designing cloud workloads so they can more easily move between cloud locations and service providers.

Using geographically distributed or redundant cloud data centers.

Resiliency is just another marketing buzzword.

In what ways does cloud-native architecture improve the resiliency of workloads deployed in the cloud? (Rank order)

Smaller, self-contained microservices fail independently without impacting overall availability.
Containerized software provides isolation and consistency, making it easier to scale and recover from failure.
Stateless design patterns increase scalability and can fail independently without impacting other parts of cloud applications.
Serverless design pattern allows events to initiate the operation of the discrete functions as needed.
Cloud-native architecture significantly influences the resiliency of cloud-deployed applications.
Cloud-native architecture provides limited or no resiliency improvement.

How important is improving the resiliency of cloud workloads for your organization in 2024? (Select 1)(Required)

The number-one priority

In the top three priorities

In the top 10 priorities

Important but not a priority

Not important

Which of the following do you use to improve the resiliency of cloud workloads? (Select all that apply)(Required)

Containers

Microservices

Container orchestration

Serverless

Multiple cloud providers

Infrastructure-as-code (IaC)

Data distribution or replication

Observability tools based on OpenTelemetry

Failure testing

What factors in cloud-native (microservices) workloads increase resiliency? (Rank order)

Distribute workloads
Portable workloads across multiple cloud providers
Move some workloads to the edge
Kubernetes clusters for failover and load distribution
Stateless software design
Increased security posture
Setting meaningful and achievable resiliency goals

What are the most significant challenges to improving the resiliency of cloud workloads or cloud-native applications? (Select all that apply)(Required)

Lack of skills and knowledge

Legacy or existing architecture of applications

Large amount of technical debt

Multiple or conflicting definitions of resiliency

Inability to gain executive support

Ability to test resiliency without impacting service levels

Insufficient funding

Other

How much of your cloud workload is cloud-native today? (Select 1)(Required)

100% - all cloud-native

Greater than 50%

25-50%

Under 25%

0% - No cloud-native

What is your business or organization's size (# employees)? (Select 1)(Required)

1 - 100

101 - 500

501 - 1000

1001 - 5000

Over 5000

Δ