securitycompass-logo
  • Products

    Balanced Development Automation

    Designed to automate your risk and compliance requirements, BDA ensures you can develop secure code as quickly as possible, without compromising on safety.

    Learn More

    About  Careers  Partners

    SD Elements

    Training

    Product Info

    Overview
    How It Works
    Pricing
    Features
    Content Library
    Integrations
    DevSecOps Services
    Just-In-Time Training

    Solutions

    Overview
    Threat Modeling
    Secure Development

    Industries

    Technology
    Manufacturing
    Financial Services & Insurance
    U.S. Federal Government

    Training

    ELEARNING

    Enterprise
    Software Security Practitioner Suites
    Virtual Lab
    Course Descriptions
  • Services

    Services

    Our services help enterprises meet compliance requirements and raise security standards. We offer eLearning courses in application security, operation security, and compliance that teach secure software development principles to development teams, in addition to general security awareness suitable for non-technical learners.

    About   Careers  Partners

    Advisory

    Security Compass Advisory is now part of Kroll. Read the press release.
    Kroll Logo
    • Overview

      We can help to strengthen your security posture and reduce risk.
    • Cloud Security Services

      Operate smoothly in the cloud while satisfying security and regulatory concerns.
    • Penetration Testing

      Streamline Your Operations with a Penetration Testing Program
    • Red Team Services

      Strengthen Your Defenses With the Full Picture
  • Resources

    Research

    Security Compass’ research team creates insights that challenge the way we think.

    Learn More
    About   Careers  Partners

    Resources

    Media

    Blog
    Podcast
    Webinars
    SC In The News

    Documents

    Case Studies
    Guides & Whitepapers
    Datasheets
    Research Reports

    Educational

    Infographics
    Training Courses
  • Careers
  • Contact Us
  • Book Demo
  • Mobile Only
    Contact Us
    Book Demo
    About
    Careers
    Partners

Category: Category: Threat Modeling

Vulnerability Scanners: Are These Enough for Your Applications?

March 10, 2022
 |  No Comments
 |  Risk Assessment, Threat Modeling

Over the past decade, testing applications for security flaws and vulnerabilities has increased considerably. Only a few organizations today would consider not testing their software […]

Read More →

API Security Testing: Best Practices & Key Vulnerabilities

 |  No Comments
 |  Threat Modeling

Over the last decade, software architecture has made a major shift. Developers are taking a more modular approach, breaking tasks down into individual microservices rather […]

Read More →

Survey: The 2021 State of DevSecOps

 |  No Comments
 |  Risk Assessment, Threat Modeling

As featured in: Daily Briefing > V10 Issue 26 February 9, 2021 The CyberWire John Petrik About Security Compass Security Compass, a leading provider of cybersecurity […]

Read More →

The 2021 State of DevSecOps: Challenges and Drivers

 |  No Comments
 |  Risk Assessment, Threat Modeling

Over the last decade, there have been many attempts to adopt DevSecOps across organizations. Unfortunately, because of the differences in priorities, DevOps and security teams […]

Read More →

Building Smart DevSecOps Pipelines For Fast Deployment

 |  No Comments
 |  Application Security, Risk Assessment, Threat Modeling

Challenges we face in DevSecOps pipelines DevSecOps pipelines aim to integrate security and compliance in each phase of the software development life cycle. During this whole process, […]

Read More →

Managing Risk at Scale: Does the Modern Software Company Have Room for Threat Modeling (Part 2)

March 9, 2022
 |  No Comments
 |  Risk Assessment, Threat Modeling

The new approach to threat modeling After our previous blog on a new approach to threat modeling, we will discuss about the lightweight approach of […]

Read More →

Managing Risk at Scale: Does the Modern Software Company Have Room for Threat Modeling (Part 1)

 |  No Comments
 |  Risk Assessment, Threat Modeling

Is threat modeling a roadblock to application development? Is threat modeling a roadblock for security in your organization when it should be an enabler? If […]

Read More →

How Integrating Security Early Speeds Up the Development Process

 |  No Comments
 |  Risk Assessment, Threat Modeling

It’s well established that software vulnerabilities (or any bug) found later in the development life cycle are more expensive to remediate. This isn’t simply because […]

Read More →

Scanning Your Code for Software Security

 |  No Comments
 |  Risk Assessment, Threat Modeling

Scanning code for vulnerabilities means different things to different people. Generally, an organization’s approach to security evolves as they mature. However, It’s always important to […]

Read More →

The Modern Day Approach to Threat Modeling

 |  No Comments
 |  Risk Assessment, Threat Modeling

Threat modeling and slowdown Traditional threat modeling is struggling to find a place in application security today. The process thoroughly maps out complex diagrams detailing vulnerable […]

Read More →

Posts navigation

1 2 3 Next

Topics

  • Application Security
  • Authority to Operate
  • CIO
  • CISO
  • Financial Services
  • Government
  • Insurance
  • Manufacturing
  • Risk Assessment
  • Secure Development
  • Security Analyst
  • Security Awareness
  • Software Developer
  • Technology
  • Threat Modeling

ABOUT US

CAREERS

PARTNERS

RESEARCH

SDE SUPPORT

TRAINING SUPPORT

SD ELEMENTS

SD ELEMENTS

Product Info

  • Overview
  • How It Works
  • Content Library
  • Integrations
  • Just-In-Time Training
  • Features
  • DevSecOps Services

Solutions

  • Use Case Overview
  • Threat Modeling
  • Secure Development

Industries

  • Manufacturing
  • Technology
  • U.S. Federal Government
  • Financial Services

TRAINING

  • Enterprise
  • Virtual Lab
  • Software Security Practitioner (SSP) Suites
  • Course Descriptions

ADVISORY

  • Overview
  • Cloud Security Services
  • Penetration Testing
  • Red Team Services

RESOURCES

  • LOG4J2 Information
  • Threat Modeling
  • Secure Development
  • Authority to Operate (ATO)
  • Security Awareness
  • Application Security
Facebook Linkedin Twitter Instagram

Copyright © 2022 Security Compass. All Rights Reserved.

  • Public Vulnerability Disclosure
  • Accessibility
  • Privacy Policy
  • Legal