🛡️ Threat Modeling Starter Training – Back by Popular Demand!
𝗧𝗛𝗥𝗘𝗔𝗧 𝗠𝗢𝗗𝗘𝗟𝗟𝗜𝗡𝗚 𝗦𝗧𝗔𝗥𝗧𝗘𝗥 𝗧𝗥𝗔𝗜𝗡𝗜𝗡𝗚 (8h) with 𝗥𝗔𝗟𝗣𝗛 𝗔𝗡𝗗𝗔𝗟𝗜𝗦

Perfect for beginner/intermediate software/security engineers/pentesters: master STRIDE, DREAD, PASTA methodologies to build threat […]

[Original post on infosec.exchange]

How a Teen Found Cars in a Farming Community, Discovered a Passion for Networking, and Now Leads Security Where Employees Love to Experiment With AI Tools James Robinson, CISO at Netskope, highlights that employees are sharing data with AI, without security teams having any visibility or control.

Read the full interview:
www.technadu.com/how-a-teen-f...

What’s your take - are employees now the biggest security risk? Share your thoughts below.
#CISODecoded #Cybersecurity #GenAI #ShadowAI #ThreatModeling #ZeroTrust #SecurityLeadership #Netskope

Your AI agents are moving sensitive data. Do you know where? - Help Net Security Bonfy.AI CEO Gidi Cohen on why AI agent security starts at the data layer, and what CISOs must do before agents expose sensitive data.

Your AI agents are moving sensitive data. Do you know where?

📖 Read more: www.helpnetsecurity.com/2026/03/23/g...

#cybersecurity #cybersecuritynews #agenticAI #CISO #CxO #strategy #threatmodeling

Understanding the LINDDUN Threat Modeling Framework is examined in detail in this article, along with its elements, methodology, and real-world uses.

read more: reconbee.com/understandin...

#LINDDUN #threatmodelingframework #threatmodeling #potatosecurity

Understanding the LINDDUN Threat Modeling Framework Understanding the LINDDUN Threat Modeling Framework is examined in detail in this article, along with its elements, methodology

Understanding the LINDDUN Threat Modeling Framework is examined in detail in this article, along with its elements, methodology, and real-world uses.

read more: reconbee.com/understandin...

#LINDDUN #threatmodelingframework #threatmodeling #cybersecurity

Advanced threat modeling helps security teams identify attack paths and vulnerabilities before deployment. In 2026, proactive modeling is key to stronger security testing. Nautics Technologies OU explains the strategies.

👉 https://tinyurl.com/4pjnyd7h

#ThreatModeling #CyberSecurity #DevSecOps

Understanding the LINDDUN Threat Modeling Framework Understanding the LINDDUN Threat Modeling Framework is examined in detail in this article, along with its elements, methodology

Understanding the LINDDUN Threat Modeling Framework

read more: reconbee.com/understandin...

#LINDDUN #threatmodeling #threatmodelingframework #framework #LINDDUNmethodology

Claude Code Weaponized in Mexican Government Cyberattack, Exposing Roughly 195 Million Identities Threat actors weaponized Anthropic's Claude Code in a major cyberattack on the Mexican government, stealing 150GB of data.

Full story:
www.technadu.com/claude-code-...

Curious to hear perspectives from red teamers, blue teamers, and AI engineers alike.
#CyberSecurity #AIThreats #LLMSecurity #DataBreach #ThreatModeling

Microsoft put out some threat modeling guidance for AI systems. I'll be using it.

www.microsoft.com/en-us/security/blog/2026...

#ai #threatmodeling

OWASP Cornucopia is publishing it’s darkest secrets! Why do we keep our darkest fears secret? Publish them, and bring light to the darkest corners of your...

Why do we keep our darkest fears secret?

Play OWASP Cornucopia, publish them, and bring light to the darkest corners of your web application. dev.to/owasp/owasp-...

#appsec #infosec #security #threatmodeling #owasp

OWASP/cornucopia The source files and tools needed to build the OWASP Cornucopia decks in various languages - OWASP/cornucopia

see: github.com/OWASP/cornucopia/issues?q=state%3Aopen%20label%3Atranslation

We welcome and credit all contributors for their work. Please join us in making gamified threat modeling greater!

#appsec #owasp #threatmodeling #security #cybersecurity #cybersec

Agile Threat Modeling: Understanding and Mitigating Threats This course provides a comprehensive, modern introduction to threat modeling, showing how the practice has evolved in response to cloud-native architectures, agile development cycles, and emerging technologies like machine learning. \n\nYou will explore foundational concepts while diving into advanced topics such as Zero Trust threat modeling, public cloud security, and gamified methods that improve engagement and team collaboration. Through real-world case studies and hands-on frameworks, the course demonstrates how to embed “secure by design” thinking into fast-paced agile workflows. It examines the next wave of threat modeling, emphasizing automation, iterative evaluation, and practical assessments across complex systems. \n\nBy the end, you will understand how to anticipate threats earlier, adapt models rapidly, and apply effective mitigation strategies across traditional, cloud-native, and AI-driven environments.\n

⚠️ Shipping fast doesn’t mean ignoring #threats.

Garima Bajpai explains why #agile #threatmodeling is critical for modern development teams and how #security thinking fits into fast-moving #DevOps environments.

📖 Read about it in this exclusive devm.io article:

I am really looking forward to come back to Lisbon and speak at "Hackers Behind the Code".

r19-hbc.eventbrite.pt

#appsec #security #threatmodeling #owasp

BaseFortify attack-flow graph illustrating sandbox bypass via CWE-95 leading to arbitrary Python code execution.

🛡️ What to do next

Review n8n execution mode, restrict Code block usage, and upgrade affected versions. Understand how sandbox escapes chain into real attacks with full context and impact analysis.

🔐 basefortify.eu/register

#DevSecOps #ThreatModeling #BaseFortify

BaseFortify attack-flow graph illustrating the sandbox escape from untrusted code to host Node.js execution.

🛡️ What to do next

Update enclave-vm to v2.7.0 immediately. Treat exposed sandboxes as compromised: secrets, files, and network access may be leaked.

🔐 Understand attack paths & prioritize fixes:
basefortify.eu/register

#DevSecOps #ThreatModeling #BaseFortify

Register for Free | BaseFortify Sign up at BaseFortify to start monitoring vulnerabilities instantly. Get free access to AI-powered CVE analysis, real-time alerts, and powerful dashboards.

🛡️ BaseFortify links CVEs to CWE, CAPEC & MITRE ATT&CK with clear attack-flow graphs, Q&A, and an AI Assistant.

👉 Register for free: basefortify.eu/register

Understand how vulnerabilities are actually exploited — not just scored.

#BaseFortify #ThreatModeling #BlueTeam #SecurityAwareness

BaseFortify CVE report screenshot showing exploitability analysis and attack-flow graph for CVE-2025-69228.

🔎 This is where BaseFortify helps. 🚀

We connect CVEs like this to real attack paths, exploit patterns, and affected components — so teams know what is actually at risk.

✅ Attack-flow insights
✅ Clear remediation

🚀 Free access:
basefortify.eu/register

#DevSecOps #ThreatModeling #BaseFortify 🧠

Proactive Defense in Protocol Design: The Future is Now #zerotrustarchitecture #PotatosecurityTrends #cryptographicagility #protocoldesignprinciples #securebydesign #resilientnetworks #formalverification #decentralizedidentity #networkprotocolhardening #threatmodeling

Proactive Defense in Protocol Design: The Future is Now Building Fortresses on Shifting Sands: Why We Need a New Security Blueprint For decades, our approach to digital security has felt like a frantic game of whack-a-mole. A new vulnerability…

Proactive Defense in Protocol Design: The Future is Now #zerotrustarchitecture #CybersecurityTrends #cryptographicagility #protocoldesignprinciples #securebydesign #resilientnetworks #formalverification #decentralizedidentity #networkprotocolhardening #threatmodeling

STRIDE GPT automates STRIDE threat modeling and attack-tree generation using LLMs. Demo highlights Groq models (Llama 3.3 70B, Qwen3 32B) and a Streamlit UI that accepts architecture descriptions (React/Node.js, JWT). #tool #ai #threatmodeling https://bit.ly/3Nlbb7E

At some point you stop asking questions and just escalate the cat.

#ThreatModeling #Escalation #SecurityHumor #RiskManagement #SystemsThinking #DefenseInDepth

This is what happens when your defense strategy is technically correct but wildly outmatched.

#Cybersecurity #ThreatModeling #RiskManagement #DefenseInDepth #SecurityThinking #SystemsThinking #HumanBehavior

AI isn't one system, and your threat model shouldn’t be either - Help Net Security Threat modeling for Al-optimized infrastructure segments AI by function and impact, improving reliability, security, and business.

AI isn’t one system, and your threat model shouldn’t be either

📖 Read more: www.helpnetsecurity.com/2025/12/19/n...

#cybersecurity #cybersecuritynews #threatmodeling #AI

Why AI and cloud-native are security game-changers Software risk have changed. Modern security means continuous, identity-centric, AI-aware threat modeling woven into CI/CD and design pract...

Software risk have changed. Modern security means continuous, identity-centric, AI-aware threat modeling woven into CI/CD and design practices. jpmellojr.blogspot.com/2025/12/why-... #CloudSecurity #ThreatModeling #AIsecurity #SecureByDesign #CSA

GenAI opens new security risks.
At #PlanetCyberSec AI@Work, Sebastien Deleersnyder breaks down why traditional #AppSec isn’t enough for “Black Box” AI and how DICE Threat Modeling identifies unique AI threats.

#AIatWork #GenAI #ThreatModeling #AIrisks #BlueSkyTech #CyberSecurity
bit.ly/4gGDLey

Why AI and cloud-native are security game-changers | ReversingLabs Existing security practices weren't designed to tackle today's risks, CSA notes in new guide -- making updating tooling essential.

A new guide on #threatmodeling for the cloud in the era of AI has been released by the CSA. It calls out that existing security practices aren't cutting it for the new era: https://bit.ly/447HlJD

#AISecurity #CloudSecurity #SoftwareSupplyChainSecurity

🎄 Neues Java Magazin 1.2026 von @entwicklerde.bsky.social!

Im Fokus: Threat Modeling – Attack Trees, IaC-Security, Gamification & mehr. Dazu Python für Java-Dev & Kubernetes.

➡️ Im Fullstack-Abo kostenlos: https://f.mtr.cool/avqpzyruec

#JavaMagazin #ThreatModeling

Gamification im Threat Modeling Gamification im Threat Modeling: Mit Kartenspielen die Sicherheitskultur stärken, Kommunikation fördern und Security-Ideen im Team vorantreiben.

🎲 Gamification + #Security?

Christoph Niehoff zeigt, wie Kartenspiele wie Elevation of Privilege oder #OWASP Cumulus Dev-Teams helfen, kreativ und motiviert Bedrohungen aufzudecken – statt trockene Listen zu pflegen.

📰 Artikel: https://f.mtr.cool/tnblxohmxh

#ThreatModeling #DevSecOps #jaxcon

Threat hunting is my fav thing to do... when I'm not building @SupportXDR

#CyberSecurity #ThreatResearch #threathunting #threatmodeling #Security #Kali #cyber

The State Of Threat Modeling Survey (hashtag#SOTM) 2025-2026 from Threat Modeling Connect has been sent out (see: threatmodelingconnect.com/state-of-threat-modeling-2025-2026 ). Find out how your organization is doing regarding threat modeling!

#threatmodeling #security #infosec #appsec