Entries by SecurityOrb_Staff

Introduction to Security Threat Modeling

Recently reviewed Security threat modeling, or threat modeling, is a process of assessing and documenting a system’s security risks. Security threat modeling enables you to understand a system’s threat profile by examining it through the eyes of your potential foes. With techniques such as entry point identification, privilege boundaries and threat trees, you can identify strategies to mitigate potential threats to your system. Your security threat modeling efforts also enable your team to justify security features within a system, or security practices for using the system, to protect your corporate assets.

Vulnerabiltiy Management in the Cloud

Vulnerability management is a key component of a strong information security program. And that’s making sure that with everything you’re doing – in the cloud, on the desktop, browsers and server environments – you can reduce the vulnerabilities so that no matter what threats are out there, they are less likely to be successful.

SC eSymposium: SIEM

Security information and event management (SIEM) systems are a critical part of any organization’s defense. By correlating and giving meaning to data from any number of tools — from intrusion detection systems and firewalls to web logs or flow data — SIEMs allow security teams to understand what’s happening on their networks. However, they can be difficult to deploy and sometimes even harder to make work. We explore just how some companies find help from SIEMs and what organizations be mindful of as they look to deploy these.