IT Vendor Risk Management Questions
Evgeny Belenky
IT Central Station
Sep 13 2021

Hi security professionals,

What tool would you recommend for threat modeling implementation in an enterprise? Please elaborate on why this would be your choice.

Thanks.

John RendyTo best understand Threat Modelling, an enterprise should be familiar with Cyber… more »
Jairo Willian Pereira
Information Security Manager at a financial services firm with 5,001-10,000 employees

Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?

James DirksenYes, take a look at DeepSurface. It’s designed to automate the process.