Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it “everybody’s thing” is communication between security and development teams.
Threat modeling is a highly effective means of securing software and applications, yet very few organizations actually do it. In today’s computing and security environment, however, threat modeling is more necessary than ever.
Read the full article by Altaz Valani (Director of Insights Research, Security Compass), at DarkReading.com