agile - Abhay Bhargav

Abhay Bhargav

Sign in Subscribe

agile

A collection of 3 posts

Mozilla's Rapid Risk Assessment (RRA) - Interview

threat modeling Featured

Mozilla's Rapid Risk Assessment (RRA) - Interview

I have always been passionate about Threat Modeling. Especially at efforts at: * scaling it * speeding it up * doing it collaboratively without having your Product Engineering Teams hating you * Codifying it, or.. * Integrating it with DevOps On the other hand, I have always found Mozilla to be a fascinating organization. They

Think "Feedback" over "Pipelines" for DevSecOps Success

Think "Feedback" over "Pipelines" for DevSecOps Success

For a while now, the term DevSecOps has become synonymous with Pipelines. That is natural. DevOps, for the longest time has been associated with pipelines. I am sure, that if you've read anything around DevOps or DevSecOps, you'd have heard of the term "CI/CD&

Thoughts on Using and Scaling Threat Modeling

threat modeling

Thoughts on Using and Scaling Threat Modeling

Some of my pet peeves with Threat Modeling, as its currently done by a lot of orgs out there: 1. Threat Models are generated as tomes, rarely used by the people who need to be using it (architects, engineering teams, business owners, even security people) 2. Consequently, Threat Modeling does