Software Integrity Blog

Author Archive

Kinnaird McQuade


Kinnaird McQuade is a senior security consultant at Synopsys. He specializes in vulnerability assessments and security architecture reviews. Kinnaird holds a B.S. in Cybersecurity and Computer Science from Marymount University.


Posts by Kinnaird McQuade:

 

5 things to do before your threat modeling assessment

When preparing for a threat modeling assessment, there are a lot of moving parts to consider within a firm. These assessments often cause concerns throughout the organizational hierarchy. Don’t worry, that’s normal. To steady those nerves, here are five activities to undertake before your next threat model that will set your team and organization up for success:

1. Assemble relevant documentation and diagrams. The idiom “a picture is worth a thousand words” suits a variety of security-relevant visuals. Architecture diagrams, network diagrams, logical models, deployment models, and data flow diagrams are a few examples that can provide a forest-level view of a software system’s security posture. Also provide more detailed artifacts if possible. Requirements documents, design documents, and any other documentation related to the application are always helpful.


Posted in Software Architecture and Design