Threat Modeleris a company that provides threat modeling software and has launched a threat model marketplace.
This new platform aims to make DevSecOps accessible to businesses of all sizes. The Marketplace includes pre-built threat models that you can integrate into your development pipeline, along with educational resources such as tutorials, best practices, and case studies.
Specifically, we plan to launch an online shop with 50 pre-built threat modeling templates and introduce up to 50 new threat models each month. A future update will reportedly allow third parties to upload customized threat models and download them for free or at a nominal cost.
ThreatModeler CTO John Steven said:
“For organizations desperate to help overcome the persistent challenges that come with modeling, the Threat Model Marketplace is the right platform at the right time and an important resource for facilitating access to this critical security resource. It’s a big step.”
According to the company, this is the first platform of its kind and aims to help small businesses that are short on resources. Hire a dedicated security expert Incorporate threat modeling into the development process.
“Executives are understandably cautious about adopting new security tools because with each new security tool adoption comes new costs, training requirements, and workflow disruptions. says so.
Executives added that by providing pre-built threat models, companies can accelerate their systems development life cycle (SDLC) and move to the cloud by starting with security and compliance.
“However, the really exciting aspect of the Threat Model Marketplace is the community that unlocks it,” Agarwal said. Information security.
In other words, providing a platform for third-party submissions of vetted cybersecurity assets for businesses to download fundamentally democratizes access to and adoption of architectures that follow cybersecurity best practices.
Agarwal said:
The Threat Model Marketplace is ThreatModeler website. The first 90 days are currently free, but the company says: Information security This period may be extended.
For more information on DevSecOps threat modeling, see This analysis By Cybersecurity Reporter Sean Michael Kerner.