Our services help enterprises meet compliance requirements and raise security standards. We offer eLearning courses in application security, operation security, and compliance that teach secure software development principles to development teams, in addition to general security awareness suitable for non-technical learners.
Software security is a Board-level issue for good reason. In addition to financial losses, regulatory penalties, and reputational damage, there could be personal implications to […]
Read More →
We have written before about threats to critical infrastructure. Deservedly, it now has the attention of lawmakers around the world. Critical infrastructure provides citizens with […]
Read More →
Security Compass’s CEO, Rohit Sethi, spoke with Laksh Raghavan as part of the Security Leaders series in our The Balancing Act podcast. The Balancing Act […]
Read More →
Simplify Threat Modeling with Enhancements to SD Elements Threat Modeling Diagrams, Reusable Components, and Advanced Reporting Capabilities Software threat modeling is a foundational requirement for […]
Read More →
In May 2021, the White House issued Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” The order was a response to the growing number of […]
Read More →
There are two primary sources for vulnerabilities in software. The first – design flaws – result from poor architectural decisions. These can include assuming an […]
Read More →
The Balancing Act is our podcast series. We speak to leaders and practitioners about the challenges they face and the strategies they use to defend […]
Read More →
We have written before about what threat modeling entails and its many forms. Organizations can take different approaches, particularly when building manual threat models. This […]
Read More →
Brad Arkin has been in software security for about as long as software security has been a topic. He helped build the software security practice […]
Read More →
Building secure software has never been more important. Globally, organizations spend billions of dollars on tools to identify vulnerabilities in the code they write and […]
Read More →