Cybersecurity

Security Compass 2024 State of Security by Design and Threat Modeling

In today’s cybersecurity landscape, security by design is becoming a standard in software development. In this context, threat modeling plays a critical role in identifying, assessing, and mitigating potential security vulnerabilities in software systems as they are built. This report finds the majority of organizations that perform threat modeling do so from the design stage […]

Security Compass 2024 State of Security by Design and Threat Modeling Read More »

Cybersecure Software Development: Management Views on AI

This research was commissioned by Security Compass and conducted by Golfdale Consulting, Inc. It explores the view of managers and executives overseeing cybersecurity and software development in large companies that build software. It explores their views on the use of AI in software development and as integrated components of their digital products.

Cybersecure Software Development: Management Views on AI Read More »

The 2023 State of Secure Development & ATO in U.S. Government Agencies

A Quarterly interactive e-book publication of primary research findings conducted for Security Compass. The report quantifies the challenges and opportunities being confronted by US government agencies at the federal, state and local levels. Software development methods, security expertise, developer controls and mitigations, communication approaches, and current approaches to ATO compliant software development are explored.

The 2023 State of Secure Development & ATO in U.S. Government Agencies Read More »

The Security Compass 2023 State of Threat Modeling

In today’s cybersecurity landscape,threat modeling plays a critical role in identifying, assessing, and mitigating
potential security vulnerabilities in software systems. This evidence-based research explores the current state
ofthreat modeling and the challenges organizations face while scaling the process for applications they build
and deploy.

The Security Compass 2023 State of Threat Modeling Read More »

2022 Year in Review – Interactive Report of Annual Research Findings on Cybersecurity

What follows are highlights from primary research studies Security Compass commissioned in 2022 on topics in cybersecurity, covering Developer Perspectives on Application Development, DevSecOps Perspectives on AppSec Training, and Application Security in the Mid-Market.
The research was conducted independently by Golfdale Consulting, Inc.

2022 Year in Review – Interactive Report of Annual Research Findings on Cybersecurity Read More »

2022 DevSecOps Perspectives on AppSec Training

Given the importance that eLearning plays in developing secure software, this ebook provides an overview of our research into AppSec training approaches. Findings include “deep dives” into budgeting, training challenges, time consuming elements, how best to reinforce AppSec eLearning, and the value of accreditation to individual contributors, managers, and organizations.

2022 DevSecOps Perspectives on AppSec Training Read More »

2022 Developer Perspectives on Application Security

Most developers involved in product builds believe their companies to have a mature security posture but nonetheless struggle to keep up to date with growing regulations and compliance requirements. On the cybersecurity front, developers view automated modeling, integration with other tools, and matching the speed of new threats that emerge as all highly important. Security must start with design and remain a critical element at each stage of the SDLC.

2022 Developer Perspectives on Application Security Read More »

2022 Application Security in the Mid-Market

Over 90% of mid-market companies that develop software are interested in solutions that automate proactive security and compliance processes.
Companies looking to accelerate their software development in tandem with stronger cybersecurity compliance measures are looking to just-in-time training (JITT) for their software developers and automated built-to-purpose cybersecurity software for accomplishing these goals.

2022 Application Security in the Mid-Market Read More »

Security Compass – 2021 Year in Review: An interactive report of annual research findings

This year-end summary highlights four primary research studies Security Compass commissioned in 2021 on topics in Cybersecurity, covering DevSecOps, Cloud Adoption, Threat Modeling, and the US DoD. The research was conducted independently by Golfdale Consulting, Inc.

Security Compass – 2021 Year in Review: An interactive report of annual research findings Read More »

Security Compass – The 2021 State of Secure Development & ATO in U.S. Government Agencies

The report quantifies the challenges and opportunities being confronted by US government agencies at the federal, state and local levels. Software development methods, security expertise, developer controls and mitigations, communication approaches, and current approaches to ATO compliant software development are explored.

Security Compass – The 2021 State of Secure Development & ATO in U.S. Government Agencies Read More »