Guides and Materials
Members of the Proactive Risk crew have contributed to many industry guides and technical projects. Below are some of the materials that can help you gain a valuable perspective.
Peanut Butter and Jelly Risk Management
Webinar On Demand
This interactive session with Security Scorecard and PENTESTON® will provide you with a solution for meeting New York State, Department of Financial Service 23 NYCRR 500.
This is particularly relevant for requirements
- 500.02(Cyber Security Program)
- 500.03(Cyber Security Policy)
- 500.05(Penetration Testing and Vulnerability Assessment)
- 500.09 (Cyber Security Risk Assessment).
Tactical Threat Modeling
Threat modeling, a key technique for architecting and designing systems securely, is a method that many SAFECode members employ. This paper leverages SAFECode members’ insights to offer effective ways to better integrate threat modeling and provides a great resource for organizations that are looking to integrate threat modeling into their own development processes and teams.
Building Code for Medical Device Software Security
The elements presented here aim to start builders of software for medical devices down the road toward a building code for software security that will reduce the vulnerability of their systems to malicious attacks, just as codes for physical buildings help their designers and builders create structures that resist threats from fire, wind, water and, in some cases, malicious attacks.