/
CyberSage Live Test Drive in Microsoft Azure commercial marketplace

CyberSage, Threat Modeling Automation

CyberSage Live Test Drive in Microsoft Azure commercial marketplace

This content is archived.
no longer applicable
Learn more

Test Drive Introduction

 

With AI assisted Threat Modeling and developer work management tool integration, CyberSage is to enable software developers conduct threat modeling on their own without becoming a security expert. Developers will manage the tasks to remediate the security weaknesses identified in threat modeling with developers workflow management solutions (e.g, Jira).

CyberSage scales up threat modeling to enterprise level through automation. Threat modeling automation enables fast and secure enterprise software development. A number of roles, including software developers, architects, development management, cyber security and risk management finds Threat Modeling automation improves their efficiency.

In the test drive, we have built use cases for different enterprise roles, from developers to AppSec professionals.

You will try out Threat modeling automation with these test drives and use cases.

 

How to access the Test drive

Request Test Drive

  1. Login Azure marketplace with your Azure marketplace account

  2. find CyberSage SAAS with this link CyberSage @Microsoft Azure Marketplace or search with keyword “CyberSage”.

  3. Request the test drive as shown

4. the marketplace UI will show the test drive is ready shortly.

The test drive URL and access credentials will show up on the page in about 20 minutes. You will receive an email from Azure marketplace too.

Access the test drive

1. access test drive site that you received on the Azure website by copying and pasting it to your browser address bar

2. login with the provided credentials, which are available on both the Azure page or in the email.

 

Test drives for different enterprise roles

You will find use cases for various enterprise roles in the CyberSage plans document. Some of the use cases are built in the test drives.

 

Test drive for developers

In the live test drive, you (a software developer) can use CyberSage to perform threat modeling to a number of business features (e.g, feature to update customers to profile) of a web application. With the threat modeling, you will identify a number of potential security weakness in the design of the feature and provided with technical recommendations on how to remediate these weaknesses in your design.

You will also find that you (a software developer) are able to successfully conduct the threat modeling without being a security expert.

Test drive (without Jira integration)

Use case: developer conducts threat modeling for a business feature “update customer online profile”. This use case is built with CyberSage starter plan. Developer is able to complete threat modeling with the “standalone” (not integrated with developer work management tools) flavor of CyberSage.

How to:

Just sign in to CyberSage, and pick the application “Retail bank portal” and the business feature “Update User Profile UI” and hit “Submit”. The engine will take you to threat model this feature as shown below:

For details, please refer to CyberSage developer user manual

 

Test drive, Threat modeling with no questions asked

Use case: Developers complete Threat modeling with one click. No question is asked before a threat model tailored for the business and risk profile is produced. AppSec professionals customized the engine and provide it with risk, technology and control information about the application before hand, by leveraging the existing work of application security review. Then developers then enjoy this fast threat modeling going forward. Built once, run forever.

How to: Just sign in to CyberSage, and pick the application “Consumer Bank Portal” and the business feature “Update User Profile UI” and hit “Submit”. The engine will then build the threat model in the backend. Just click the “Tree graph” button at the bottom of the result page to exam the produced attack tree.

 

Test drive, with Jira integration (coming soon)

Use case: developer conducts threat modeling for a business feature “update customer online profile”. This use case is built with CyberSage standard or above plan. Developer is able to complete threat modeling with CyberSage integrated with Jira.

Test drive for development managers (coming soon)

Use case: Development managers utilize dashboards to find real-time status of security tasks (the remediation tasks for threat modeling findings) and how they are related to business user storied and releases. They are able to make risk-based decisions in their software releases.

How to: access sample dashoard of real-time security tasks status. The credentials are provided on the Azure marketplace test drive UI.

Test drive for Cyber and Application Security teams (coming soon)

Use case:

How to: