#threatmodelling — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #threatmodelling, aggregated by home.social.
-
Could something be skipping through the "customer interaction" points in your application?
BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.
Read the whole scenario at https://cornucopia.owasp.org/edition/companion/BOT3/1.0/en
Details of new release at https://cornucopia.owasp.org/news/20260508-companion-edition
@owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia
-
Open source and free. Download print-ready files and play Cornucopia together, browse the cards online, or play games online with remote team members.
If you prefer, printed decks are available to purchase from a vendor as a dual-packaged Website App Edition x Companion Edition combination set:
https://cybersecgames.com/pages/owasp-cornucopia-threat-modeling-collection
@owasp #owasp #cornucopia #eop #stride #threatmodelling #devops #devopsec #appsec #infosec
2/2
-
The new Companion Deck for OWASP Cornucopia includes six novel suits to assist threat modelling of Agentic AI, Cloud, DevOps, Frontend, LLM and Automation. The suits can be used alone or in combination with suits from either existing Cornucopia decks: the Website App Edition or Mobile App Edition. My main contribution to this is the Automated Threats (BOT) suit.
https://cornucopia.owasp.org/news/20260508-companion-edition
@owasp #owasp #cornucopia #eop #stride #threatmodelling #devops #devopsec #appsec #infosec
1/2
-
Great to see the new Companion Edition released by the OWASP Cornucopia project. A year in the making, project leader Johan Sydseter has organised a whole group of volunteers to build out a new deck of playing cards for the application security threat modelling card game.
The new deck with six new suits also celebrates the 25th anniversary of the Open Worldwide Application Security Project (OWASP).
https://cornucopia.owasp.org/news/20260508-companion-edition
@owasp @sydseter #appsec #devops #devsecops #threatmodelling #owasp
-
Running threat-crank to update https://github.com/timb-machine/attack-ti with v19 data.
-
The latest version of the OWASP Automated Threat Handbook, which defines a common language to identify and classify automated threats to web applications and provides relevant countermeasures, is available to download as a free PDF or can be purchased in print from Lulu:
#bots #badbots #automatedthreats #appsec #infosec #informationsecurity #devops #threatmodelling #owasp @owasp
-
Everyone has different needs and faces different dangers when their personal data gets exposed. To give actionable privacy advice, it's essential to consider each person's unique situation.
👤 Learn more on how to evaluate each person's threat model.
🧰 Check our Privacy Activist Toolbox tip to Consider Everyone's Unique Situation: https://www.privacyguides.org/en/activism/toolbox/tip-consider-everyones-unique-situation/
#PrivacyGuides #Activism #PrivacyActivistToolbox #Privacy #ThreatModelling
-
A couple of interesting links on SD-WAN security:
* https://www.mplify.net/wp-content/uploads/MEF_88.pdf - securing application flows in SD-WAN solutions (vendor neutral)
* https://arxiv.org/pdf/1811.04583 - focusses on orchestration, management and control (iterates through all the various vendors)
-
In tomorrow's OWASP 25th Anniversary Virtual Conference, two talks include mention of the OWASP Cornucopia card game.
In "Stop Lecturing, Start Playing" at 11:00 CET Johan Sydseter will discuss how you can utilize games to scale your application security program. And in "Connecting the dots" at 14:00 Max Alejandro Gómez Sánchez Vergaray will share his experiences of creating an AppSec programme.
#appsec #threatmodelling #software #applicationsecurity #owasp @sydseter
https://owasp.glueup.com/event/owasp-25th-anniversary-virtual-conference-164290/#agenda
-
Application security specialist @sydseter mentioned to me this comprehensive web page by @adamshostack listing information security and privacy table-top games, including the card games OWASP Cornucopia @owasp and Digital Benefits and Disbenefits Cornucopia @DBD_Cornucopia
Game on!
#infosec #appsec #privacy #threatmodelling #ssdlc #gamification #games
Shostack + Associates > Tabletop Security Games + Cards
https://shostack.org/games