My mantra is threat modeling is human oriented, tool assisted. Using an AI based threat modeling system fits in with the tool assistance; just don't make use of the tool a thing in isolation.

MITRE's Common Weakness Enumeration (CWE) entries include information like what you seek. Not super developer friendly though that is improving.

Would be interesting to see the risk formula for this. Accidents tend to happen close to home, and if you don't drive much then you're more likely to get into an accident when you do venture out? Hopefully not having debt is not a factor, maybe positive debt leads to care when driving (theory)?

Cloud in shape of a bird wing, at sunset

Treated to a beautiful cloud formation at sunset.

The Security Table The Security Table is four cybersecurity industry veterans from diverse backgrounds discussing how to build secure software and all the issues that arise!

Have you seen The Security Table podcast yet? If you haven't, and have some vacation time this holiday season, be sure to check out the series (available on both audio only and YouTube).
securitytable.buzzsprout.com

‘Alice and Bob Learn’ Book Series Learn application security from the very start, with this comprehensive and approachable guide!

📚 Exciting News! My new book "Alice and Bob Learn Secure Coding" is launching on Feb 5th, 2025. Get ready to dive into the world of secure coding with Alice and Bob! Learn more: shehackspurple.ca/bo...

Definitely check this out if you haven't already. Besides Tanya's chapter you'll find one from @adamshostack.bsky.social and @izart.bsky.social too.

🚀 Calling all Speakers! 🚀 Don't miss out on this thrilling opportunity to submit your paper for the 2025 #OWASP Global #AppSec EU Call for Presentations. Share your knowledge with the #cybersecurity community and shine a light on your skills. Take action now!
sessionize.com/owasp...

Yes indeed! For some reason I cannot add @kimwuyts.bsky.social to the Starter Pack for Threat Modeling... Bug in Bluesky or some content restriction, not sure.

go.bsky.app/RpHnAcy
#threatmodeling #securebydesign

Tired coated shepherd dog face sleeping position, extreme close-up

You have other black Friday sales throughout the year? ;)

I'd love to know where to get one of those t-shirts!

I'm seeing a lot of bad digital security advice out there right now. I'm begging you, for the love of God, if you are trying to tighten up your digital security, please start with threat modeling: ssd.eff.org/module/your-...

What is a Common Weakness Enumeration – CWE CWE stands for Common Weakness Enumeration. It is a community-developed list of software and hardware weakness types that can serve as a common language for describing, sharing, and identifying sec…

CWE stands for Common Weakness Enumeration. It is a community-developed list of software and hardware weakness types that can serve as a common language for describing, sharing,...

#security #cwe #cvss #securecoding

svenruppert.com/2024/01/10/w...

Just looking through some of the #appsec posts they seem to be months old. Now that hashtags are properly implemented here either time to create content or folks need to re-tag existing stuff to make it more easily discoverable? #threatmodeling #securebydesign #securecoding 1M+ new users helps.

Up to date on your Tetanus vaccine?

Airplane!

Threat Modeling Capabilities Documents a catalog of capabilities to help you cultivate value from your Threat Modeling practice.

Sharing news from the team that brought the Threat Modeling Manifesto - a set of capabilities for helping individuals and organizations create or optimize a threat modeling program. www.threatmodelingmanifesto.org/capabilities/
#threatmodeling #securitybydesign #privacybydesign