Posts Tagged ‘threat modeling’

Security threat assessment models are an important tool of an overall security and compliance program.  In order to create an effective set of security policies, it is necessary to understand the types of threats, their likelihood of occurrence, the impact of a breach/incident, and how the business can mitigate or control against these threats.  There […]

A data flow diagram (DFD) documents the path data takes throughout your process/system. It is important to document and keep accurate and updated. Part of the value of such a diagram is that it shows where data is crossing a trust boundary. For example, user input (low trust) from a web site crosses a boundary […]