Enduring Ideas in the Realm of Software
How to address threats, attacks, vulnerabilities, and countermeasures.
“In cybersecurity, the stakes are incredibly high, and the margin for error is razor-thin.” — Stephanie Douglas As someone who has spent over 20 years at Microsoft, I have had a front-row seat to witness the evolution of the security industry. In those two decades, the world has seen a dramatic increase in the number …
“Security is not a product, but a process.” — Bruce Schneier On This Page Top 10 Software Security Threats Software Security Threats / Attacks by Category STRIDE Categories of Threats Security Threats and Countermeasures Framework MITRE ATT&CK Framework Welcome to the fascinating and ever-evolving world of software security. As technology continues to advance, the importance …
“Ensuring security of your software should be an integral part of your business strategy, because the cost of a breach can be devastating to a company’s finances and reputation.” — Satya Nadella, CEO of Microsoft. I’ve worked with so many software security leaders and learned so much over the years. I know getting started with …
Here is a draft of our Cloud Security Frame as part of our early exploration work for our patterns & practices Cloud Security Project. It’s a lens for looking at Cloud Security. The frame is simply a collection of Hot Spots. Each Hot Spot represents an actionable category for information. Using Hot Spots, you can quickly find pain and opportunities, or key decision points.
Security Hot Spots are a lens for security. If you know what you're looking for, you can find it. When you don't know what you're looking for, you can waste a lot of time. The Hot Spots provide a way to find, organize and share software security knowledge. You can use hot spots to share principles, patterns, and practices. You can also use hot spots to share knowledge around threats, attacks, vulnerabilities, and countermeasures.
Rather than deal with a laundry list of information, use hot spots to focus your attention on key categories. The Hot Spots are actionable and they are high ROI. The Hot Spots helps you simplify, clarify and gain insight before you elaborate, maximize and optimize.
