Threat modelling

2 posts


Securing AWS Simple Notification Service (SNS)

Introduction to securing Amazon Notification Service (SNS) Amazon Simple Notification Service (SNS) is a fully managed, scalable messaging service that enables you to send notifications to endpoints such as mobile devices, email addresses, and other services. While SNS is a highly secure and reliable service, there are potential threat scenarios that you should be aware of and take steps to mitigate. Securing Amazon Simple Notification Service (SNS) is important for several reasons. First, SNS is a critical component of many cloud-based applications and services, and securing it can help ensure the reliability and availability of these applications. For example, if […]

STRIDE Threat Modelling vs DREAD Threat Modelling

STRIDE Threat modelling Which THREAT modelling framework/methodology should I go for? This is a very common question nowadays, since the “Shift-left revolution”, we have all been trying to introduce security as early into the SDLC as possible (if we aren’t? we should!). THREAT modelling is the foundational activity of shifting left, which basically means finding threats early into the SDLC. Finding threats early in the software development lifecycle helps you save costs in terms of time, finances and more importantly possible reputational damage. Now that you are sold on doing threat modelling in the design phase of SDLC, the question […]