How to address threats, attacks, vulnerabilities, and countermeasures.

Cloud Security Frame

Here is a draft of our Cloud Security Frame as part of our early exploration work for our patterns & practices Cloud Security Project. It’s a lens for looking at Cloud Security. The frame is simply a collection of Hot Spots. Each Hot Spot represents an actionable category for information. Using Hot Spots, you can quickly find pain and opportunities, or key decision points.

Security Hot Spots

Security Hot Spots are a lens for security. If you know what you're looking for, you can find it. When you don't know what you're looking for, you can waste a lot of time. The Hot Spots provide a way to find, organize and share software security knowledge. You can use hot spots to share principles, patterns, and practices. You can also use hot spots to share knowledge around threats, attacks, vulnerabilities, and countermeasures. Rather than deal with a laundry list of information, use hot spots to focus your attention on key categories. The Hot Spots are actionable and they are high ROI. The Hot Spots helps you simplify, clarify and gain insight before you elaborate, maximize and optimize.

Security Approaches That Don’t Work

Photo by CarbonNYC If it’s not broken, then don’t fix it ... The problem is, you may have an approach that isn’t working, or it’s not...

Visual Threats and Countermeasures

While working on patterns & practices Security guidance, I pushed the idea of "Visual Threats and Countermeasures."  I wanted a simple way to...

Quality Attributes Frame

I found an organizing frame for quality attributes (security, performance, ... etc.) on and I think it's helpful.  They organize quality attributes by...