BestHub
Sign in
Tag

Threat Modeling

0 views collected around this technical thread.

Architects Research Society
Architects Research Society
Nov 1, 2023 · Information Security

Roles and Responsibilities of a Security Architecture Team

The article outlines the composition and responsibilities of a security architecture team, detailing the roles of Security Architect, Information Security Architect, CISO, and Security Analyst, their required business and technical skills, risk management, threat modeling, and how they integrate with enterprise architecture.

CISOSecurity ArchitectureSecurity Roles
0 likes · 11 min read
Roles and Responsibilities of a Security Architecture Team
DevOps
DevOps
Aug 9, 2023 · Information Security

From DevOps to DevSecOps: Integrating Security into the Software Development Lifecycle and Using Microsoft Threat Modeling Tool

This article explains how DevSecOps extends DevOps by embedding security throughout the software development lifecycle, discusses common threats such as SQL injection and broken access control, outlines the Security Development Lifecycle, and provides a step‑by‑step guide to using Microsoft’s Threat Modeling Tool for risk mitigation.

DevSecOpsMicrosoft ToolSecurity Development Lifecycle
0 likes · 20 min read
From DevOps to DevSecOps: Integrating Security into the Software Development Lifecycle and Using Microsoft Threat Modeling Tool
DevOps
DevOps
Jun 27, 2023 · Information Security

From DevOps to DevSecOps: Understanding Threats, Security Practices, and Using Microsoft Threat Modeling Tool

This article explains how DevSecOps extends DevOps by embedding security throughout the software lifecycle, discusses common threats such as SQL injection and broken access control, outlines the Security Development Lifecycle, and provides a step‑by‑step guide to using Microsoft Threat Modeling Tool for proactive risk mitigation.

DevOpsDevSecOpsMicrosoft
0 likes · 20 min read
From DevOps to DevSecOps: Understanding Threats, Security Practices, and Using Microsoft Threat Modeling Tool
DevOps
DevOps
Aug 3, 2022 · Information Security

Secure Design in DevSecOps: Principles, Threat Modeling, and Huawei Cloud Practices

This article explains how integrating secure‑by‑design principles into DevSecOps accelerates software delivery while reducing risk, outlines key security architecture concepts such as the CIA triad and design principles, describes threat‑modeling methods, and showcases Huawei Cloud’s practical security design, data protection, and privacy solutions.

DevSecOpsHuawei CloudSecure Design
0 likes · 12 min read
Secure Design in DevSecOps: Principles, Threat Modeling, and Huawei Cloud Practices
DevOps
DevOps
Apr 14, 2022 · Information Security

Threat Modeling: Skills, Methodology, and Long-Term Challenges for Security Architects

The article explains threat modeling as a security‑by‑design practice, outlines the scarce talent pool for senior architects, describes a DFD‑based methodology with STRIDE analysis, and discusses the balance between experiential and methodological approaches to building robust, long‑term security models.

DFDSTRIDESecurity Architecture
0 likes · 9 min read
Threat Modeling: Skills, Methodology, and Long-Term Challenges for Security Architects
Dada Group Technology
Dada Group Technology
Jul 16, 2021 · Information Security

Application Security Testing Practices and Risk Assessment at JD Daojia

This article outlines JD Daojia's comprehensive application security strategy, including risk analysis, threat modeling, DevSecOps processes, open‑source component scanning, SAST/DAST/IAST testing, manual security assessments, and evaluation of testing effectiveness to mitigate vulnerabilities before production.

DevSecOpsSecurity TestingThreat Modeling
0 likes · 13 min read
Application Security Testing Practices and Risk Assessment at JD Daojia
Architects Research Society
Architects Research Society
Feb 24, 2021 · Information Security

Security Architecture Team: Roles, Skills, and Responsibilities

The security architecture team consists of security architects, information security architects, chief information security officers, and security analysts, each with distinct business and technical responsibilities, risk‑management and threat‑modeling skills, and a collaborative relationship with enterprise architecture to ensure secure, compliant solutions.

CISOSecurity ArchitectureThreat Modeling
0 likes · 11 min read
Security Architecture Team: Roles, Skills, and Responsibilities
Efficient Ops
Efficient Ops
Jun 25, 2020 · Information Security

How Enterprise DevSecOps Transforms Security in Modern IT Operations

The article recaps the fourth Enterprise DevOps Empowerment conference, highlighting DevSecOps as the core theme, expert presentations from China Academy of Information and Communications Technology, Huatai Securities, and Tencent, and a detailed Q&A covering threat modeling, security automation, scanning practices, and operational integration.

DevSecOpsEnterprise SecurityIT Operations
0 likes · 15 min read
How Enterprise DevSecOps Transforms Security in Modern IT Operations
Tencent Cloud Developer
Tencent Cloud Developer
Jun 5, 2020 · Information Security

DevSecOps and Secure Development Lifecycle (SDL): Concepts, Practices, and Implementation

The article explains how DevSecOps extends the Secure Development Lifecycle by embedding security early and throughout CI/CD pipelines, combining threat‑based and vulnerability‑based defenses, automated testing tools such as SAST, DAST, IAST, and SCA, and fostering a collaborative culture of shared responsibility, illustrated by Tencent Cloud’s comprehensive “Golden Pipeline” implementation.

CI/CDDevSecOpsSDL
0 likes · 14 min read
DevSecOps and Secure Development Lifecycle (SDL): Concepts, Practices, and Implementation