#threatmodeling — Public Fediverse posts

Yes! It’s time to party!! It was an honor to participate at the OWASP Virtual Conference commemorating the 25th anniversary. Here is the video: youtu.be/KmjUM0EF_24?... #OWASP25thAnniversary #OWASP #AppSec #security #threatmodeling #games #agile #lean #llm #agentic #devops #cloud #fromtend

OWASP Cornucopia - Stop Lectur...

Are you responsible for all the battles? Then stop and let the monsters rampage a bit. Remember, you can always swoop down and take out the final boss before the credits roll at the end of the movie. #appsec #owasp #llm #agentic #ai #security #cloud #devops #threatmodeling #agile #games

Are you responsible for all the battles? Then stop and let the monsters rampage a bit. Remember, you can always swoop down and take out the final boss before the credits roll at the end of the movie. #appsec #owasp #llm #agentic #ai #security #cloud #devops #threatmodeling #agile #games

Are you responsible for all the battles? Then stop and let the monsters rampage a bit. Remember, you can always swoop down and take out the final boss before the credits roll at the end of the movie. #appsec #owasp #llm #agentic #ai #security #cloud #devops #threatmodeling #agile #games

Are you responsible for all the battles? Then stop and let the monsters rampage a bit. Remember, you can always swoop down and take out the final boss before the credits roll at the end of the movie. #appsec #owasp #llm #agentic #ai #security #cloud #devops #threatmodeling #agile #games

Are you responsible for all the battles? Then stop and let the monsters rampage a bit. Remember, you can always swoop down and take out the final boss before the credits roll at the end of the movie. #appsec #owasp #llm #agentic #ai #security #cloud #devops #threatmodeling #agile #games

Do you feel like yelling at the world for not doing threat modeling? No need to yell, the tools are free! Copi - The OWASP® Cornucopia Game Engine - (copi.owasp.org) Is free to use and perfect for distributed teams. #appsec #owasp #llm #agentic #ai #cloud #devops #threatmodeling #agile #games

Do you feel like yelling at the world for not doing threat modeling? No need to yell, the tools are free! Copi - The OWASP® Cornucopia Game Engine - (copi.owasp.org) Is free to use and perfect for distributed teams. #appsec #owasp #llm #agentic #ai #cloud #devops #threatmodeling #agile #games

Do you feel like yelling at the world for not doing threat modeling? No need to yell, the tools are free! Copi - The OWASP® Cornucopia Game Engine - (copi.owasp.org) Is free to use and perfect for distributed teams. #appsec #owasp #llm #agentic #ai #cloud #devops #threatmodeling #agile #games

Do you feel like yelling at the world for not doing threat modeling? No need to yell, the tools are free! Copi - The OWASP® Cornucopia Game Engine - (copi.owasp.org) Is free to use and perfect for distributed teams. #appsec #owasp #llm #agentic #ai #cloud #devops #threatmodeling #agile #games

Yes! It’s time to party! The OWASP Foundation is celebrating 25 incredible years of open source security. That’s why OWASP Cornucopia is launching its 25th anniversary edition. #appsec #security #owasp #cornucopia #llm #agentic_ai #devops #cloud #frontend #threatmodeling

"Just use Signal" is not a threat model.
At BSides312, HelpMeRob is covering the security assumptions, risk trade-offs, and blind spots that put orgs at risk even when they're using the "right" tools. 30+ years across federal law enforcement, military cyber defense, and digital forensics.
The encryption isn't the weak link. The assumptions are.
May 16th. Chicago.
🎟️ https://bsides312.org
#BSides312 #InfoSec #CyberSecurity #Signal #OpSec #ThreatModeling #Privacy #Chicago

TechBash 2026 Keynotes and Workshops Announced Yesterday

https://vlqh-zgpm.campaign-view.com/ua/SharedView?od=3z5b1449310f71294fafc3d35955582e56a7fc9cec01fb440bc3cc8ba398aa18db&cno=129de782f264be&cd=1e7349b985a3174b&m=0

#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career

TechBash 2026 Keynotes and Workshops Announced Yesterday

https://vlqh-zgpm.campaign-view.com/ua/SharedView?od=3z5b1449310f71294fafc3d35955582e56a7fc9cec01fb440bc3cc8ba398aa18db&cno=129de782f264be&cd=1e7349b985a3174b&m=0

#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career

TechBash 2026 Keynotes and Workshops Announced Yesterday

https://vlqh-zgpm.campaign-view.com/ua/SharedView?od=3z5b1449310f71294fafc3d35955582e56a7fc9cec01fb440bc3cc8ba398aa18db&cno=129de782f264be&cd=1e7349b985a3174b&m=0

#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career

TechBash 2026 Keynotes and Workshops Announced Yesterday

https://vlqh-zgpm.campaign-view.com/ua/SharedView?od=3z5b1449310f71294fafc3d35955582e56a7fc9cec01fb440bc3cc8ba398aa18db&cno=129de782f264be&cd=1e7349b985a3174b&m=0

#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career

TechBash 2026 Keynotes and Workshops Announced Yesterday

https://vlqh-zgpm.campaign-view.com/ua/SharedView?od=3z5b1449310f71294fafc3d35955582e56a7fc9cec01fb440bc3cc8ba398aa18db&cno=129de782f264be&cd=1e7349b985a3174b&m=0

#devconference #developers #kalahari #nepa #poconos #dotnet #aspnetcore #ai #threatmodeling #communication #kubernetes #cloud #career

Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.

https://zc.vg/b7uay?m=0

#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript

Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.

https://zc.vg/b7uay?m=0

#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript

Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.

https://zc.vg/b7uay?m=0

#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript

Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.

https://zc.vg/b7uay?m=0

#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript

Check out this year's keynotes and workshops! Register by June 19th for early bird discounts and ask us about sponsorship opportunities.

https://zc.vg/b7uay?m=0

#devconference #developers #nepa #poconos #kalahariresort #learning #ai #kubernetes #dotnet #aspnetcore #threatmodeling #communication #dotnetmaui #blazor #javascript

Security is shifting from technical to behavioral.
James Robinson, CISO at Netskope:
“Employees are both cybersecurity’s most important and weakest component.”
• Shadow AI expanding
• Employees using genAI without visibility
• Risk driven by usage, not intent

Read more:
https://www.technadu.com/how-a-teen-found-cars-in-a-farming-community-discovered-a-passion-for-networking-and-now-leads-security-where-employees-love-to-experiment-with-ai-tools/623624/

#CISODecoded #GenAI #ShadowAI #Cybersecurity #ThreatModeling

Security is shifting from technical to behavioral.
James Robinson, CISO at Netskope:
“Employees are both cybersecurity’s most important and weakest component.”
• Shadow AI expanding
• Employees using genAI without visibility
• Risk driven by usage, not intent

Read more:
https://www.technadu.com/how-a-teen-found-cars-in-a-farming-community-discovered-a-passion-for-networking-and-now-leads-security-where-employees-love-to-experiment-with-ai-tools/623624/

#CISODecoded #GenAI #ShadowAI #Cybersecurity #ThreatModeling

Security is shifting from technical to behavioral.
James Robinson, CISO at Netskope:
“Employees are both cybersecurity’s most important and weakest component.”
• Shadow AI expanding
• Employees using genAI without visibility
• Risk driven by usage, not intent

Read more:
https://www.technadu.com/how-a-teen-found-cars-in-a-farming-community-discovered-a-passion-for-networking-and-now-leads-security-where-employees-love-to-experiment-with-ai-tools/623624/

#CISODecoded #GenAI #ShadowAI #Cybersecurity #ThreatModeling

Security is shifting from technical to behavioral.
James Robinson, CISO at Netskope:
“Employees are both cybersecurity’s most important and weakest component.”
• Shadow AI expanding
• Employees using genAI without visibility
• Risk driven by usage, not intent

Read more:
https://www.technadu.com/how-a-teen-found-cars-in-a-farming-community-discovered-a-passion-for-networking-and-now-leads-security-where-employees-love-to-experiment-with-ai-tools/623624/

#CISODecoded #GenAI #ShadowAI #Cybersecurity #ThreatModeling

Last chance to RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Last chance to RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Last chance to RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Last chance to RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Last chance to RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Grab a spot at the March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Grab a spot at the March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Grab a spot at the March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Grab a spot at the March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

Grab a spot at the March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

RSVP for our March Meetup!

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

In this edition we have 1 long form talk.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

RSVP at https://buff.ly/G72uBEA

#cybersecurity #infrastructuresecurity #security #threatmodeling

In this month's meetup we have switched things a bit. We will have 1 long form talk with plenty of chances to discuss.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

RSVP fast as we are already filling up at https://buff.ly/G72uBEA

#cyberthreat #infrastructuresecurity #security #threatmodeling

In this month's meetup we have switched things a bit. We will have 1 long form talk with plenty of chances to discuss.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

RSVP fast as we are already filling up at https://buff.ly/G72uBEA

#cyberthreat #infrastructuresecurity #security #threatmodeling

In this month's meetup we have switched things a bit. We will have 1 long form talk with plenty of chances to discuss.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

RSVP fast as we are already filling up at https://buff.ly/G72uBEA

#cyberthreat #infrastructuresecurity #security #threatmodeling

In this month's meetup we have switched things a bit. We will have 1 long form talk with plenty of chances to discuss.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

RSVP fast as we are already filling up at https://buff.ly/G72uBEA

#cyberthreat #infrastructuresecurity #security #threatmodeling

In this month's meetup we have switched things a bit. We will have 1 long form talk with plenty of chances to discuss.

Josh Corman will be presenting on the various cyber threats to water infrastructure. He will walk through potential scenarios and do a table top exercise.

Big thank you to our hosts Microsoft for and Pentera for sponsoring food and beverages.

RSVP fast as we are already filling up at https://buff.ly/G72uBEA

#cyberthreat #infrastructuresecurity #security #threatmodeling

APT37’s Ruby Jumper campaign demonstrates a mature approach to air-gap traversal.

Observed tradecraft includes:
• LNK-based initial execution
• Embedded PowerShell payload extraction
• Ruby interpreter abuse (v3.3.0)
• Scheduled task persistence (5-minute interval)
• USB-based covert bidirectional C2
• Multi-stage backdoor deployment
Toolset: RESTLEAF, SNAKEDROPPER, THUMBSBD, VIRUSTASK, FOOTWINE, BLUELIGHT.

The removable media relay model enables:
– Command staging offline
– Data exfiltration without internet access
– Lateral spread across isolated systems
– Surveillance via Windows spyware
This reinforces a critical point:
Air-gap controls must extend beyond physical disconnection — including USB governance, device auditing, behavioral monitoring, and strict runtime execution policies.

Are critical infrastructure operators prepared for USB-mediated C2 relays?

Source: https://www.bleepingcomputer.com/news/security/apt37-hackers-use-new-malware-to-breach-air-gapped-networks/

Engage below.

Follow TechNadu for high-signal threat intelligence insights.
Repost to elevate awareness.

#Infosec #APT37 #AirGapSecurity #ThreatModeling #MalwareAnalysis #NationStateThreats #USBExfiltration #SOC #DetectionEngineering #CyberDefense #OperationalSecurity #ThreatHunting #ZeroTrustArchitecture

Supply chain security meets reproducible builds.
ExpressVPN is sponsoring PlanetNix 2026, highlighting the intersection of privacy, open-source infrastructure, and build reproducibility.
Event focus areas:
• Deterministic builds
• Secure deployment pipelines
• DevSecOps integration
• Team-level onboarding models
• Production-grade Nix environments

Reproducibility is increasingly tied to:
– Software supply chain integrity
– Auditability
– Compliance frameworks
– Infrastructure security baselines
As build determinism becomes more relevant to threat modeling, open-source tooling like Nix may play a critical role.

Source: https://planetnix.com/

Are reproducible systems now essential for modern security architecture?

Engage in the comments.
Follow TechNadu for high-signal infosec reporting.
Repost to amplify open-source security discussions.

#Infosec #DevSecOps #SupplyChainSecurity #ReproducibleBuilds #NixOS #OpenSourceSecurity #ExpressVPN #CloudSecurity #InfrastructureSecurity #ThreatModeling

Supply chain security meets reproducible builds.
ExpressVPN is sponsoring PlanetNix 2026, highlighting the intersection of privacy, open-source infrastructure, and build reproducibility.
Event focus areas:
• Deterministic builds
• Secure deployment pipelines
• DevSecOps integration
• Team-level onboarding models
• Production-grade Nix environments

Reproducibility is increasingly tied to:
– Software supply chain integrity
– Auditability
– Compliance frameworks
– Infrastructure security baselines
As build determinism becomes more relevant to threat modeling, open-source tooling like Nix may play a critical role.

Source: https://planetnix.com/

Are reproducible systems now essential for modern security architecture?

Engage in the comments.
Follow TechNadu for high-signal infosec reporting.
Repost to amplify open-source security discussions.

#Infosec #DevSecOps #SupplyChainSecurity #ReproducibleBuilds #NixOS #OpenSourceSecurity #ExpressVPN #CloudSecurity #InfrastructureSecurity #ThreatModeling

Supply chain security meets reproducible builds.
ExpressVPN is sponsoring PlanetNix 2026, highlighting the intersection of privacy, open-source infrastructure, and build reproducibility.
Event focus areas:
• Deterministic builds
• Secure deployment pipelines
• DevSecOps integration
• Team-level onboarding models
• Production-grade Nix environments

Reproducibility is increasingly tied to:
– Software supply chain integrity
– Auditability
– Compliance frameworks
– Infrastructure security baselines
As build determinism becomes more relevant to threat modeling, open-source tooling like Nix may play a critical role.

Source: https://planetnix.com/

Are reproducible systems now essential for modern security architecture?

Engage in the comments.
Follow TechNadu for high-signal infosec reporting.
Repost to amplify open-source security discussions.

#Infosec #DevSecOps #SupplyChainSecurity #ReproducibleBuilds #NixOS #OpenSourceSecurity #ExpressVPN #CloudSecurity #InfrastructureSecurity #ThreatModeling