🔥 Subscribe to Our Monthly Security Digest Newsletter Sign Me Up
Developer-Centric Threat ModelingContinuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
Developer-Centric
Threat Modeling
Continuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
SD Elements Training
ResearchSecurity Compass’ research team creates insights that challenge the way we think.
Upcoming EventsJoin us at one of our virtual or in-person events.
Resources
On March 3rd, the White House released its National Cybersecurity Strategy. The document aims to tackle five key pillars, one of which is a fundamental […]
Read More →
The Defense Industrial Base (DIB) is comprised of thousands of organizations that design, produce, deliver, and maintain military weapons systems, subsystems, and components for the […]
Read More →
In May, 2021, the Biden Administration issued Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” Included in the EO is the requirement that “the Federal Government […]
Read More →
The software development and IT organizations within U.S. federal government agencies face conflicting challenges. They must defend systems against constant attacks by criminals, hacktivists, and […]
Read More →
Cybersecurity training programs for developers help build a culture of security in your organization as well as raise awareness about secure coding best practices. However, […]
Read More →
After years of anticipation, Revision 5 (Rev 5) of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, “Security and Privacy Controls for Information Systems […]
Read More →
With the introduction of the Cybersecurity Maturity Model Certification (CMMC) in the U.S. as a means of unifying cybersecurity standards for the Department of Defense, […]
Read More →
Managing rapid application delivery with secure development has long been a major challenge for U.S. federal government agencies. Part of the reason was the constant […]
Read More →
The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide “cloud policy” first issued in February 2011. For a cloud service provider (CSP), or cloud […]
Read More →