👉 Register for The Security by Design Webinar Series
Sign Me Up
Developer-Centric Threat ModelingContinuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
Developer-Centric
Threat Modeling
Continuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
SD Elements
Training
ResearchSecurity Compass’ research team creates insights that challenge the way we think.
Upcoming EventsJoin us at one of our virtual or in-person events.
Resources
Security Compass’ annual Equilibrium Conference is scheduled this year to take place on May 31, 2023, from 11 AM to 3 PM EDT. The virtual […]
Read More →
Enhancing the Developer-centric Threat Modeling and Secure Development Experience Product security is a value add. Embedding product security throughout the software development lifecycle (SDLC) is […]
Read More →
Most organizations use security testing before releasing software to identify weaknesses that an attacker could exploit. While static analysis, dynamic analysis, software composition analysis, and […]
Read More →
Software security is a Board-level issue for good reason. In addition to financial losses, regulatory penalties, and reputational damage, there could be personal implications to […]
Read More →
We have written before about threats to critical infrastructure. Deservedly, it now has the attention of lawmakers around the world. Critical infrastructure provides citizens with […]
Read More →
Simplify Threat Modeling with Enhancements to SD Elements Threat Modeling Diagrams, Reusable Components, and Advanced Reporting Capabilities Software threat modeling is a foundational requirement for […]
Read More →
In May 2021, the White House issued Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” The order was a response to the growing number of […]
Read More →
There are two primary sources for vulnerabilities in software. The first – design flaws – result from poor architectural decisions. These can include assuming an […]
Read More →
The Balancing Act is our podcast series. We speak to leaders and practitioners about the challenges they face and the strategies they use to defend […]
Read More →
We have written before about what threat modeling entails and its many forms. Organizations can take different approaches, particularly when building manual threat models. This […]
Read More →