Category Archives: Security
Doing Threat Modeling properly will help your teams create more secure products.
I created something beautiful, and I want to give the knowledge to you. How did it start? While analyzing the SDLC in a company I worked for, I realized a few dangerous gaps in our threat modeling process. I also talked with my network of professionals in other companies and understood that they have the…
The future of passwords is bright
I see the future. I see it so clear to see one message you will receive a few years from now. “Dear Customer, The BlahBlah monitoring system has noticed suspicious attempts to log in to multiple users’ accounts (an AI brute-force technique). Your account has been recognized with potentially weak security settings. Therefore, to prevent…
Threat modeling framework under Creative Commons license.
I am so happy that Citrix allowed me to release under Creative Commons license the threat modeling framework I developed in the last four months. What was the challenge? Doing threat modeling is one of the main requirements for almost any Agile organization. Most of the teams are doing it wrong, and as an award,…
Steganography API at your service.
Steganography is the art and science of embedding secret messages in a cover message so that no one, apart from the sender and intended recipient, suspects the existence of the message. The most common example is to hide a message in an image file without compromising how the image looks. The majority of the people…
Involve your team members when you do your threat modeling.
Most of the companies I worked for or know about have a bizarre threat modeling process. They count on the architect or the most knowledgeable person to do the threat modeling. It’s defined as a one-person job! If your goal is to do it, because it’s one of the required artifacts for your service to…