BSidesATL 2011-Tony UcedaVelez-Making your own Web Security P.A.S.T.A

Process for Attack Simulation and Threat Analysis (PASTA): Risk-centric Threat Modeling

Castle under siege (source: Wikipedia). Information security is about protecting digital assets from threats; software security is about designing and implementing software that is not vulnerable to threat agents seeking to exploit design flaws ...
Attack Simulation and Threat Analysis of Banking Malware-Based Attacks

I presented on the topic of threat modeling of banking malware attacks at the Security Summit conference in Rome, Italy, and at the OWASP AppSec EU conference in Dublin, Ireland. A new application threat modeling methodology ...
Perceived Security vs. Real Security

M.C. Escher (1898-1972), Bond of Union, 1956. Risk mitigation is about making a more or less objective assessment of possible circumstances and events that might determine an impact. The perception ...
Looking past the cyber threats of the last decade and the new to come

Top Cyber Security Risks. As we pass the first decade after 2000, we can look back at how IS threats have evolved in the last ten years, such as for the complexity ...
Cybercrime risk mitigation: a critical view of compliance from threat analysis perspective

I recently had the opportunity to give prezos for OWASP in Los Angeles and Orange County together with the Application Threat Modeling book co-author, Tony UcedaVelez. Both Tony and I believe that ...
Financial Markets Meltdown: Risk Management Lessons

Example of god action: lightning. I just finished reading the book "Against the Gods: The Remarkable Story of Risk" by Peter L. Bernstein. This is part of my current study of financial risks and ...
New phishing attacks require adoption of different countermeasures

Phishing warning (source: Cyberpunk blog). Back in the early 2000s, phishing attacks required fraudsters to clone a web site, register it on a similar domain and social engineer a victim with a phishing mail ...
7 Information Security Lessons You Can Learn By Watching The Movie JAWS

If you are an information security officer managing risk and incident response processes, I strongly recommend watching the movie Jaws as a case study for learning how human and business factors play in dealing with bad, unexpected ...
Threat Modeling Article

I co-authored with Tony UcedaVelez (Managing Director for VerSprite) an article on threat modeling. It is published in the June edition of In-secure magazine. The intent was to give a holistic view ...