GuidePoint Security AppSec 2022 Predictions: Threat Modeling and Software Supply Chain Security
< 1 min read
November 1, 2021 – Article posted on VMBlog
In this article, GuidePoint Security’s Application Security Strategic Services Practice Lead, Josh Wallace, highlights two trends for the coming year in the AppSec space.
- Threat modeling: New standards from NIST and OWASP have come out around threat modeling. Threat modeling provides a win-win scenario by educating teams on the use of security leading practices, and allowing teams to scale their security efforts while avoiding costly design flaws that are difficult to fix once the application has already been deployed to production.
- Software Supply Chain: The impact of supply chain attacks in the last year have wreaked havoc on systems, industries and consumers. As such, more organizations will be focusing on supply chain security due to these attacks and breaches, as well as the Executive Order on Improving the Nation’s Cybersecurity. The big impact we will see is that organizations will be struggling to understand the 3rd party and open source libraries that are used in their software development.
Read More HERE.