Offensive security techniques help us to identify gaps in a system’s architecture. To be useful, we believe attack trees must be contextual and account for business risk. They must also scale without introducing unnecessary overhead in the generation of attack scenarios, false positives, and asset risk alignment.
In this webinar, we have shared some of our ongoing research in automating attack trees for security control generation. We will extend this conversation to the practical side by exploring specific use cases and projecting possible ways to filter attack trees at scale.
About Security Compass
Security Compass, the Security by Design Company, is a leading provider of cybersecurity solutions, enabling organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its developer-centric threat modeling offering, SD Elements, and Application Security Training solutions help organizations release secure and compliant software to market quickly and cost effectively. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries. The company is headquartered in Toronto, with offices in the U.S. and UK. For more information, please visit www.securitycompass.com