#threatmodeling — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #threatmodeling, aggregated by home.social.
-
Did you read "No Security Meter for AI" (ref: berryvilleiml.com/docs/no-secu...) If you did, you know that AI should not handle the threat modelling for your software without you double-checking the output. #security #appsec #threatmodeling #ai #machinelearning #ml #games
berryvilleiml.com/docs/no-secu..... -
Did you read "No Security Meter for AI" (ref: berryvilleiml.com/docs/no-secu...) If you did, you know that AI should not handle the threat modelling for your software without you double-checking the output. #security #appsec #threatmodeling #ai #machinelearning #ml
berryvilleiml.com/docs/no-securi... -
So I am not allowed to use the word *****, then make sure people have iron balls tied to one of their feet. Unfortunately, it's all too easy to trick an #LLM into doing something it shouldn't do. Which means we really need to think outside the box to #secure them. #appsec #threatmodeling #games
-
OWASP Cornucopia just released v3.1.0 github.com/OWASP/cornuc... A Special thanks to Prakhar Porwal for implementing the CRE api for the Companion edition (ref: cornucopia.owasp.org/api/docs ). Thank you so much for all your help! #games #cornucopia #owasp #appsec #security #threatmodeling
Release Release v3.1.0 · OWASP... -
Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
OWASP Cornucopia - Stop Lectur... -
Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
OWASP Cornucopia - Stop Lectur... -
The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. Read all about it here: dev.to/owasp/introd... #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
Introducing a OWASP Game for t... -
Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
OWASP Cornucopia - Stop Lectur... -
The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. Read all about it here: dev.to/owasp/introd... #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
Introducing a OWASP Game for t... -
Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
OWASP Cornucopia - Stop Lectur... -
Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend
OWASP Cornucopia - Stop Lectur... -
Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling
-
Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling
-
Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling
-
Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling
-
Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling
-
Thank you @seism0saurus for printing the data flow charts and @Gronner for taking care of the second table during my kind of impromptu threat model sessions.
You can find information about the card games here: https://owasp.org/www-project-cornucopia/ and here https://shostack.org/games/elevation-of-privilege
It was fun giving a very short introduction to the methodology and the card games.
-
Thank you @seism0saurus for printing the data flow charts and @Gronner for taking care of the second table during my kind of impromptu threat model sessions.
You can find information about the card games here: https://owasp.org/www-project-cornucopia/ and here https://shostack.org/games/elevation-of-privilege
It was fun giving a very short introduction to the methodology and the card games.
-
Thank you @seism0saurus for printing the data flow charts and @Gronner for taking care of the second table during my kind of impromptu threat model sessions.
You can find information about the card games here: https://owasp.org/www-project-cornucopia/ and here https://shostack.org/games/elevation-of-privilege
It was fun giving a very short introduction to the methodology and the card games.
-
Thank you @seism0saurus for printing the data flow charts and @Gronner for taking care of the second table during my kind of impromptu threat model sessions.
You can find information about the card games here: https://owasp.org/www-project-cornucopia/ and here https://shostack.org/games/elevation-of-privilege
It was fun giving a very short introduction to the methodology and the card games.
-
Thank you @seism0saurus for printing the data flow charts and @Gronner for taking care of the second table during my kind of impromptu threat model sessions.
You can find information about the card games here: https://owasp.org/www-project-cornucopia/ and here https://shostack.org/games/elevation-of-privilege
It was fun giving a very short introduction to the methodology and the card games.
-
"Just use Signal" is not a threat model.
At BSides312, HelpMeRob is covering the security assumptions, risk trade-offs, and blind spots that put orgs at risk even when they're using the "right" tools. 30+ years across federal law enforcement, military cyber defense, and digital forensics.
The encryption isn't the weak link. The assumptions are.
May 16th. Chicago.
🎟️ https://bsides312.org
#BSides312 #InfoSec #CyberSecurity #Signal #OpSec #ThreatModeling #Privacy #Chicago -
TechBash 2026 Keynotes and Workshops Announced Yesterday
#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career
-
TechBash 2026 Keynotes and Workshops Announced Yesterday
#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career
-
TechBash 2026 Keynotes and Workshops Announced Yesterday
#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career
-
TechBash 2026 Keynotes and Workshops Announced Yesterday
#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career
-
TechBash 2026 Keynotes and Workshops Announced Yesterday
#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career
-
Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.
#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript
-
Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.
#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript
-
Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.
#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript
-
Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.
#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript
-
Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.
#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript
-
Someone wrote a viral article claiming that Claude installs Spyware on your computer. The technical observation is real, but the threat is not. I took a closer look, and I would argue that the real issue with the Claude extension is somewhere else entirely, and I've seen little discussion on it: Matt Hand at Origin found that the extension actually allows almost *any* software on your machine to control your browser.
I wrote it up as an example for how threat modeling can be helpful in evaluating sensationalist claims about security issues, including where Anthropic themselves fall into the same trap.
-
OWASP Ottawa would like to extend its gratitude to Rodrigo Rocha for an insightful presentation on their topic, "Threat Modeling in Practice" at our April 2026 meetup!
Rodrigo laid out the basics of Threat Modeling to a packed room and explained the importance of performing threat modeling for development teams. Not only that, he walked us through a practical example of the threat modeling process for a mock healthcare web application.
Thank you once again, Rodrigo! 👏
If you missed this session, you can catch the recording of this session on our YouTube channel, along with recordings of other sessions from our awesome speakers!
🎥 : https://www.youtube.com/watch?v=TXpb7ooZZRg
#Cybersecurity #OWASP #Ottawa #ThreatModeling #Community #appsec
-
Mythos Threat Looms Over Cyber Defenses
A new force in cyberspace, known as Claude Mythos, threatens to revolutionize the speed at which cyber defenses are compromised, dramatically shortening the window between vulnerability discovery and exploitation. Experts warn that this emerging threat could upend traditional cybersecurity strategies, making it essential for organizations…
#VulnerabilityManagement #EmergingThreats #CyberDefenses #ThreatModeling #RiskManagement
-
@bkastl
Es gibt ja diese bekannte Analyse bezüglich Kosten für Security zu Zeitpunkt im SDLC.Ich bin es ja gewohnt, dass man absurde intellektuelle Kopfstände macht, um Security trotzdem so spät und mit so wenig menschlichem Denken wie möglich zu machen (🤷🏻♂️), aber das ist jetzt eine neue Eskalation 🤣