Security

Security

How to address threats, attacks, vulnerabilities, and countermeasures.

STRIDE Explained

STRIDE is an acronym to help you think about potential software security threats and attacks.  It helps you think evil (i.e. like an attacker.) ...

Security Principles

If you know the underlying principles for security, you can be more effective in your security design.  While working on Improving Web Application Security:...

Cloud Security Frame

Here is a draft of our Cloud Security Frame as part of our early exploration work for our patterns & practices Cloud Security Project. It’s a lens for looking at Cloud Security. The frame is simply a collection of Hot Spots. Each Hot Spot represents an actionable category for information. Using Hot Spots, you can quickly find pain and opportunities, or key decision points.

Threats, Attacks, Vulnerabilities, and Countermeasures

What’s the difference between software threats, attacks, and vulnerabilities?  While working on Improving Web Application security, we found a lot of confusion, so we...

Visual Threats and Countermeasures

While working on patterns & practices Security guidance, I pushed the idea of "Visual Threats and Countermeasures."  I wanted a simple way to...