Threat Modeling Playbook released by Toreon

Threat Modeling Playbook released by Toreon

 Threat modeling

Toreon, a security consulting company, announced a release of a Threat modeling playbook. This is open-source guidance on how to implement a threat modeling on a corporate level and embed it in the software development process. It starts from getting the stakeholders buy-in, further to the training of people, improvement of processes, and finally covering tools to be used. This work is a result of combining the threat modeling vision and strategy with OWASP best practices like OWASP SAMM and the AppSec champion playbook.

We encourage you to examine the playbook on GitHub and/or view the introductory webinar on YouTube.

In Berezha Security we understand the importance of Threat Modeling practices. You can take a look at one of the presentations of Threat Modeling with OWASP Threat Dragon Vlad Styran, our co-founder and VP, has delivered on this topic. The Threat Modeling topic is also a part of our Application Security Training for developers, which may be a good support in your adventure in the threat modeling implementation journey.

Vlad Styran

Vlad Styran is an internationally known cybersecurity professional with 15+ years of experience in Penetration Testing, Social Engineering, and Security Awareness. He currently holds OSCP, CISSP, and CISA credentials and was certified as C|EH, ISO27001LA, and many more throughout his career. He is a notable blogger, podcaster, and conference speaker. At BSG, Vlad is responsible for our growth and customer experience. His involvement allows us to deliver first-rate cybersecurity consulting services in software security, cybersecurity awareness, cybersecurity strategy, and security investment.

Leave a Reply