Looking at an internal tool that is trying, yet again, to do a #threatmodel by using an #LLM. I got 12 threat actors on a fairly large project. What I'm really interested in is how different these two threats are from each other, and why we have distinct mitigations that address one but not the […]
#Threatmodel for the US Constitution is 250 years overdue, billionaires pwned this joint from day one #security #cybersecurity
Maybe someone wants to explain the value of stupid AI prompts like the one in this paper. They write:
> As a highly experienced threat modeler practitioner with over 20 years of experience, you have worked for one of the largest financial institutions in the world.
First off, this is a classic […]
A Universal Threat Model For Online Adults
A Universal Threat Model For Online Adults
What can go wrong on the Internet, and what can you do about it?
A Threat Model — why should I care?
If you ask yourself 4 simple questions, your likelihood of success increases.
#ThreatModel
#Cybersecurity
www.digitalkleptos.com/p/this-unive...
"Covid is airborne: it is in the exhaled breath of infected people. Vaccines and treatments are your last lines of defense. Post-infection immunity shortened to 28 days. 1 in 3 infected people are pre-symptomatic or show no symptoms. Long Covid usually comes from reinfections, most often “mild” […]
Had a #ThreatModel session with two engineering teams today. A real extensive one, where preparation included a full review of what's already there. A tech stack we haven't touched on at this company yet. A model where I built on my past experience, and still felt I worked for way too long. 1/2
#ThreatModelCybersecurity coming in 🔥 with your tech news for the week
Read, share, & support 𝙏𝙝𝙧𝙚𝙖𝙩 𝙈𝙤𝙙𝙚𝙡 newsletters (for #infosec on Tuesdays, #covid on Thursdays) & their creator @violetblue.bsky.social
Get #ThreatModel direct to your inbox for $1/month!
www.patreon.com/posts/cybers...
𝟷/𝟹
WE’RE LIVE!!!
This episode is so gorgous please give it a watch!!
Threat models was the my very first storyboarding assignment with Rational. You can see my section at 4:12-5:57
youtu.be/uiPhOk1t3GU
#ai #threatmodel #ailiteracy #rationalanimations
I just realized I've been building a "threat model" of capitalism, informed by the idea that market systems are open networks that depend on trust. Kind of happy that I've somehow got my passion for cybersecurity and political philosophy to synergize so well.
My latest writing has me explore […]
The #ThreatModelCybersecurity newsletter for June 3rd is here!
Dig into this week's news, then show #ThreatModel & its tireless author @violetblue.bsky.social some love by becoming a patron if you can (tier 1: $1/month!) & by sharing widely.
#CovidConscious
www.patreon.com/posts/130584...
𝟷/𝟹
Lastly, there's the training data. I work for #AWS (so these are strictly my personal opinions). We are opinionated about the platform. We think that there are things you should do and things you shouldn't. If you have deep knowledge of anything (Microsoft, Google, NodeJS, SAP, whatever) you […]
I have seen a lot of efforts to use an #LLM to create a #ThreatModel. I have some insights.
Attempts at #AI #ThreatModeling tend to do 3 things wrong:
1. They assume that the user's input is both complete and correct. The LLM (in the implementations I've seen) never questions "are you sure?" […]
Pas d'impact ici le truc s'est fait chopper a l'écriture, ya pas à dire c'est vachement bien le web en 2025... Sinon verrouillez vos sessions, même à la maison hein. #ThreatModel
This is fine. what could possibly go wrong. 😩
#cybersecurity #ciso #threatmodel #nationalsecurity #cissp #appsec
Lessons From Red Teaming 100 Generative AI Products #generativeai #artificialintelligence #cybersecurity #threatmodel #risk
Threat modeling should be a part of everything you do, professional or personal.
That's it. That's the... uh, what's the "tweet" equivalent on #bluesky
#blsky #notX #infosec #threatmodel #cyber #CyberSecurity #security
At this risk of inviting trouble....
I think I'm safe because I #threatmodel, and have been building #powershell and #web solutions for over a decade without getting hacked so far.
*Knocks on wood* / *gently reminds hackers that I'll stop releasing dual use tools if hacked*
Get ready for #AppSec Days #Singapore! 🎉 Interested in getting more engaged? Join us as a volunteer and help make this conference unforgettable! Check out our volunteer openings NOW: owasp.wufoo.com/form... #cybersecurity #devsecops #AI #threatmodel #infosec
Excited about attending #AppSec Days #Singapore? Want to be more involved? Volunteer and support the event staff at this incredible conference! Explore our volunteer opportunities TODAY: owasp.wufoo.com/form...
#cybersecurity #devsecops #AI #threatmodel #infosec
New for #threatmodel thursday, the Universal Cloud Threat Model!
It’s a 28 page model, freely downloadable, and licensed under CC-BY-NC-ND-3. As always with Threat Model Thursdays, my goal is to respectfully look at interesting work and see what we can learn from it.
shostack.org/blog/univers...
...different messaging apps handle deleted and disappearing messages a little differently, in particular when it comes to quoted messages, chat backups, and screenshot notifications. It’s not a vulnerability in the software, but it change the #threatmodel
eff.org/deeplinks/2023…
