Offensive security techniques help us to identify gaps in a system’s architecture. To be useful, we believe attack trees must be contextual and account for business risk. They must also scale without introducing unnecessary overhead in the generation of attack scenarios, false positives, and asset risk alignment.
In this webinar, we have shared some of our ongoing research in automating attack trees for security control generation. We will extend this conversation to the practical side by exploring specific use cases and projecting possible ways to filter attack trees at scale.
About Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is a trusted Developer-centric eLearning solutions provider, offering a full suite of on-demand, role-based courses that cover various programming languages, cloud solutions, and IaC tools. For more information, please visit www.securitycompass.com