Are there any best practices out there to connect #MITRE #ATT&CK and #D3FEND while doing a #Threatmodel in a #TOGAF #ADM security architecture?

How do I go from »There is an attack vector!« to »The developers closed their tickets which implement all relevant counter measures«?

Does #SABSA or #PASTA offer any insight here?

So I spent some time in #PlantUML trying to model #Risk #Trust #Attacks to tie #TOGAF #SABSA #Threatmodel and #PASTA #STRIDE together

As a Hacker, I don't need a fancy #diagram to visualise the attack vector and path I am already seeing. But as security architect/Team Blue I need to show it to others who don't see it.
And it has to be audit compliant.

The public repo with my PUMLs is here, feel free to reuse it
https://codeberg.org/0xKaishakunin/Architecture/src/branch/main/PlantUML-ModelingTrust

The security architecture patterns have been overhauled and revamped, after 15 years.

They are also now Open Source 😍

https://opensecurityarchitecture.org/

And PlantUML icons for architects are also available now, including black hats and white hats

https://github.com/Crashedmind/PlantUML-opensecurityarchitecture-icons

#architecture #security #floss #togaf #sabsa #uml #plantuml

We are pleased to announce the first Artificial Intelligence in Vibe Security conference.

The CfP is open for submissions at http://127.0.0.1:8080

#ai #security #hacking #vibe #sabsa #togaf #bitcoin #crypto

Ich habe eine neue Artikel-Reihe gestartet: #Wissensmanagement in der #Architektur

Wie wir mit #AsciiDoc, #Git, #BibTeX und etwas #Perl komplexe Dokumente in der Architektur erstellen und vor allem wiederfinden und #Revisionen tracken.
Außerdem ein paar Punkte warum #MarkDown saugt und #kroki fetzt

https://www.kaishakunin.com/posts/architekturwissensmanagement/01/

#togaf #sabsa #semver

SABSA® Certified but asking yourself how to start or continue your Security Architecture journey? 
How to build the (Enterprise) Security Architecture for the company?

Look no further. We have designed a training dedicated to the application of hashtag#SABSA. Where we during the course provide you workshops to experience how it can be done, provide you with examples you can use, help you start your template and roadmap to start when you’re back at work.

There’s no need to be certified in SABSA to attend this course. We will provide you the right information about the essential elements to help you kickstart your (E)SA journey.

Register for a course now at https://www.hellorisktraining.com

#SABSA #riskmanagement #infosec #cybersecurity #ESA #enterprisesecurityarchitecture #training #business #EnterpriseArchitecture

We’re committed to support your professional development and career growth. That’s why we’re excited to share this exclusive opportunity in partnership with Vital Learning Edge

For a limited time, you can double your training while staying within budget.

THE OFFER:
• Purchase a Vital Lead Membership ($899 + GST) by 31 May 2025
• Book and attend one full-priced course by 30 September 2025
• Get a second course FREE! (Full Terms & Conditions Apply)
• Gain Access to exclusive VLE member-only webinars and workshops

How to Claim:
Enquire with Vital Learning Edge, mention this ad and HelloRisk Training to unlock this offer!

https://hellorisktraining.com//vle_partner_link

#HelloRisk #HelloRiskTraining
#RiskManagement #Training
#SABSA #cybersecurity #infosec #education #business

Attention: #SecurityArchitects

Have you completed our survey???? - https://forms.gle/5Q6uC38wYiGKnWFX6
If you haven't, it closes THIS FRIDAY 28 Feb.

As two professionals who love this space, @sarahyo and I have noticed lots of inconsistencies in this role and we want to help shape this for current and future architects. We can't do this based on our industry experience alone, we need YOUR experience, and a global sample.

If you haven't, please consider filling this out. Pass it onto your SecArch teams, your SecArch friends, or those practicing. We would be grateful. The more data we have, the better our findings and recommendations will be.

No PII is gathered.
Our findings and raw data will be shared.

#SecurityArchitect
#SABSA
#Architecture

To all the #SecurityArchitects who have supported our survey and research collection so far - THANK YOU.

At the end of February we will close the form and start analysing the data submitted by you all - EXCITING!

We STILL would like more data! As can be seen, we need more security architects to respond from Africa, South America and the EMEA regions. With your help we will be able to share:

- average salary (age, gender, location)
- pathways for future security architects
- education and certifications (if any)
- duties (reality vs expectations)
- and much more helping grow this great role

* NO PII is collected - https://forms.gle/LqAsYEnniouQtZAL8

We will release the raw results, but we need people to respond. We are almost there. Please repost, share with your teams, or others you know performing this role.

#SecurtyArchitecture #SecurityArchitect
#SABSA
#Architect