IT Risk Management Simply explained: Threat modelling

This is a process of preparing, identifying risks, mitigating them and regularly reviewing the risks. Hence, this is a continuous process that requires regular review. Two well-known frameworks assist here: STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service & Elevation of Privilege) and PASTA. Risk must be classified on the scale of risk of …


Cybersecurity: Penetration testing

Penetration testing is a technique applied by white hat hackers to test the security of their infrastructure. With penetration testing, a white hat hacker will try to exploit all existing vulnerabilities with the goal of further optimizing and securing the infrastructure of the target. Hence, penetration testing is often done by organizations to get a …
