Risk Management Risk and Threat Modeling with Mind Maps Read More
November 10, 2020 -

In security we talk a lot about understanding risk. That informs the advice we give and decisions we make. A tool I like to use for brainstorming about risk is a threat model in the form of a mind map. It is a simple starting point for thinking about threats. In this post, we’ll talk […]

Read More
Security Trends Lets Talk About Blockchain Read More
October 28, 2020 -

Let’s talk about Blockchain. I think many people in the security world are already appropriately skeptical of all of the “let’s use blockchain for this” trends, but in this post we wanted to dig into it a bit and talk about why not to use blockchain. What Is Blockchain Blockchain isn’t just one thing really, […]

Read More
Security Trends Crush Github Action Read More
October 20, 2020 -

Everyone is talking about pushing left. I feel like I’ve been talking about Agile Security since like 2010. Whatever we’re going to call it, the idea is that we want to be able to do our work earlier in the development process where developers can touch and feel it. Its not all about tools Although […]

Read More
Security Hires Your First Security Hire Read More
May 13, 2020 -

We often talk with companies that are thinking about hiring an FTE to help them with security. This post covers some of our thoughts and experiences in this area. As with many areas of security, there is no one size fits all approach that works here, but there are some pitfalls and ways to make […]

Read More
Application Security App Meta Security Information Read More
May 7, 2020 -

When we implement security programs, we often advise clients to build an inventory of their applications. There are a lot of things we can do when we know what our inventory is. We can do this right in the available tools developers are already using. This post covers one way to do this. App Inventory […]

Read More
Incident Response Security Culture - TLDR on Zoom IRL Read More
April 17, 2020 -

In the latest video of our Security Culture series we talk about Zoom security. You can also listen in on our podcast. We wrote a longread blog post about Zoom security earlier this week but given the attention around Zoom and the questions we have gotten from customers, we wanted to put a quick culture […]

Read More
Incident Response Zoom Security Reality Check Read More
April 10, 2020 -

Zoom has been in the news a lot lately. In this post, we try to put the Zoom security situation in perspective. This is a longread™ with a short section at the front for those that just want the takeaways. Credit: The Onion I really didn’t want to write an “I told you so” blog […]

Read More
Application Security Security Culture - OWASP Juice Shop Read More
April 9, 2020 -

In the latest video of our Security Culture series we talk about The OWASP Juice Shop. You can also listen in on our podcast. The OWASP Juice Shop is an amazing resource for both developers and folks working in application security (or those interested in learning application security!). It is easy to run. You can […]

Read More
Identity and Access Management Security Culture - Least Privilege Read More
April 3, 2020 -

In the latest video of our Security Culture series we talk about least privilege. You can also listen in on our podcast. Least Privilege is at first glance obvious and self defining. It means only giving users the access they actually need to perform a particular task in a system. On its face, it seems […]

Read More
Risk Management Security Culture - Adversaries Read More
March 26, 2020 -

In the latest video of our Security Culture series we talk about adversaries and some of the things they might be thinking about as they come at you in the real world. You can also listen in on our podcast. For example, adversaries are engaging in spam campaigns targeting all of the folks who’ve suddenly […]

Read More
© 2019-2022 Jemurai. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram