Hello and welcome to my Nuzzel newsletter!
MS MVP Dev Sec
Threat Modeling Architect/Speaker
User Groups Leader
#AppSec #swsec #ThreatModeling #CSSLP Cohost @AppSecPodcast https://www.linkedin.com/in/roberthurlbut)
From time to time, a technically astute person challenges me around some area of secure design. Not too long ago, a distinguished engineer opined that “Threat modeling doesn't do anything.” A CTO asked why there was any need for…
In the previous article in this series we discussed why ensuring the security of software is an elusive task; application security is hard to achieve with how the InfoSec and software development industries and education system(s) currently works.
Last revision (mm/dd/yy): 07/15/2018 Error handling is a part of the overwall security of an application. Except in movies, an attack always begin by a Reconnaissance phase in which the attacker will try to gather as many technical information…