| Table of Contents | ||||
|---|---|---|---|---|
|
...
Automate threat modeling to enable fast and secure software development
Similar to security risk analyst, CyberSage conducts security risk analysis for a business feature (e.g, customer login on a web application) and identifies possible security weaknesses introduced by certain design choices, the attack vectors which may exploit such weakness. The analysis is automated with CyberSage.
...
CyberSage keeps the enterprise and the technology asset’s contextual information such as inherent risk assessments (IRA), threats and existing controls in Threats & Risk Repo. CyberSage also obtains more contextual information from users (if required in inference). Such contextual information are used in the inference to produce tailored threat model aligned with these contextual information.
Enable the Threat modeling to be driven by business value and risk, instead of
...
by technological stacks alone.
CyberSage supports the threat modeling methodology, where the threat model is derived from business values and the threats to these values.
...