Securing Artificial-Intelligence Systems
The methods underpinning the production machine learning systems are systematically vulnerable to a new class of vulnerabilities across…
How the “Pyramid of Pain” disrupts the security built on the indicators of compromise (IOC).
The “Pyramid of Pain” is a cybersecurity concept that suggests that the more layers of an organization’s defenses…
The Time-to-Compromise Metric for Practical Cyber Security Risk Estimation
The Time-to-Compromise (TTC) metric is a useful tool for estimating the risk of cyber attacks and determining the…
Evolution of graphs and attack trees in cybersecurity
The evolution of graphs and attack trees has played a significant role in the field of cybersecurity. These…
Avoiding cognitive bias during cyber threat analysis
Cognitive bias is a natural human phenomenon that occurs when we make judgments or decisions based on our…
New data transmission standards in cyber intelligence
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated Exchange of Indicator Information) are two important standards in…
Measuring the cyber threat
Measuring the severity of a cyber threat can be a challenging task, as it involves evaluating the potential…
Decompiling Mobile Device Technology Stack
Mobile devices share some architectural similarities with their desktop counterparts, but there are significant distinctions between personal computers…
MITRE ATT&CK: Beyond the Limits
The MITRE ATT&CK framework is a widely-used resource for understanding and mitigating cyber threats. It is a comprehensive…
Threat Modelling: It’s Not Just for Developers
Threat modeling is a crucial part of the software development process, but it’s not just for developers. In…