Matthew Coles's Avatar

Matthew Coles

@eternewbie.bsky.social

Security professional. Author. Speaker. Mentor. Always a newbie, continual learner. Avid gamer. #threatmodeling | OWASP pytm | The Security Table podcast

559 Followers  |  86 Following  |  15 Posts  |  Joined: 25.12.2023
Posts Following

Posts by Matthew Coles (@eternewbie.bsky.social)

My mantra is threat modeling is human oriented, tool assisted. Using an AI based threat modeling system fits in with the tool assistance; just don't make use of the tool a thing in isolation.

05.01.2025 22:22 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

MITRE's Common Weakness Enumeration (CWE) entries include information like what you seek. Not super developer friendly though that is improving.

01.01.2025 04:51 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Would be interesting to see the risk formula for this. Accidents tend to happen close to home, and if you don't drive much then you're more likely to get into an accident when you do venture out? Hopefully not having debt is not a factor, maybe positive debt leads to care when driving (theory)?

27.12.2024 16:36 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Cloud in shape of a bird wing, at sunset

Cloud in shape of a bird wing, at sunset

Treated to a beautiful cloud formation at sunset.

18.12.2024 21:50 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
The Security Table The Security Table is four cybersecurity industry veterans from diverse backgrounds discussing how to build secure software and all the issues that arise!

Have you seen The Security Table podcast yet? If you haven't, and have some vacation time this holiday season, be sure to check out the series (available on both audio only and YouTube).
securitytable.buzzsprout.com

17.12.2024 01:46 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 1    πŸ“Œ 1
Preview
β€˜Alice and Bob Learn’ Book Series Learn application security from the very start, with this comprehensive and approachable guide!

πŸ“š Exciting News! My new book "Alice and Bob Learn Secure Coding" is launching on Feb 5th, 2025. Get ready to dive into the world of secure coding with Alice and Bob! Learn more: shehackspurple.ca/bo...

06.12.2024 16:00 β€” πŸ‘ 13    πŸ” 4    πŸ’¬ 1    πŸ“Œ 0

Definitely check this out if you haven't already. Besides Tanya's chapter you'll find one from @adamshostack.bsky.social and @izart.bsky.social too.

03.12.2024 05:11 β€” πŸ‘ 11    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
Post image

πŸš€ Calling all Speakers! πŸš€ Don't miss out on this thrilling opportunity to submit your paper for the 2025 #OWASP Global #AppSec EU Call for Presentations. Share your knowledge with the #cybersecurity community and shine a light on your skills. Take action now!
sessionize.com/owasp...

02.12.2024 19:28 β€” πŸ‘ 11    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

Yes indeed! For some reason I cannot add @kimwuyts.bsky.social to the Starter Pack for Threat Modeling... Bug in Bluesky or some content restriction, not sure.

03.12.2024 02:22 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

go.bsky.app/RpHnAcy
#threatmodeling #securebydesign

01.12.2024 05:06 β€” πŸ‘ 11    πŸ” 7    πŸ’¬ 1    πŸ“Œ 0
Tired coated shepherd dog face sleeping position, extreme close-up

Tired coated shepherd dog face sleeping position, extreme close-up

28.11.2024 13:28 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

You have other black Friday sales throughout the year? ;)

26.11.2024 19:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I'd love to know where to get one of those t-shirts!

22.11.2024 02:27 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Your Security Plan Trying to protect all your data from everything all the time is impractical and exhausting. But, have no fear! Security is a process, and through thoughtful planning, you can put together a plan that’...

I'm seeing a lot of bad digital security advice out there right now. I'm begging you, for the love of God, if you are trying to tighten up your digital security, please start with threat modeling: ssd.eff.org/module/your-...

09.11.2024 05:10 β€” πŸ‘ 398    πŸ” 190    πŸ’¬ 31    πŸ“Œ 7
Preview
What is a Common Weakness Enumeration – CWE CWE stands for Common Weakness Enumeration. It is a community-developed list of software and hardware weakness types that can serve as a common language for describing, sharing, and identifying sec…

CWE stands for Common Weakness Enumeration. It is a community-developed list of software and hardware weakness types that can serve as a common language for describing, sharing,...

#security #cwe #cvss #securecoding

svenruppert.com/2024/01/10/w...

10.01.2024 16:27 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Just looking through some of the #appsec posts they seem to be months old. Now that hashtags are properly implemented here either time to create content or folks need to re-tag existing stuff to make it more easily discoverable? #threatmodeling #securebydesign #securecoding 1M+ new users helps.

17.11.2024 12:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Up to date on your Tetanus vaccine?

17.11.2024 12:39 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Airplane!

15.11.2024 04:26 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Threat Modeling Capabilities Documents a catalog of capabilities to help you cultivate value from your Threat Modeling practice.

Sharing news from the team that brought the Threat Modeling Manifesto - a set of capabilities for helping individuals and organizations create or optimize a threat modeling program. www.threatmodelingmanifesto.org/capabilities/
#threatmodeling #securitybydesign #privacybydesign

11.01.2024 16:17 β€” πŸ‘ 7    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0