Threat Modeling
Scaling threat modeling with engineering partners
- Adopt lightweight templates per architecture pattern (service, batch, data pipeline).
- Drive “just-in-time” modeling via PRs and design docs, not heavyweight reviews.
- Measure outcomes: time-to-mitigate, recurring issues, and automation coverage.
Software Supply Chain
SBOMs that developers actually use
- Generate in CI, store as artifacts; surface critical issues as PR checks.
- Tie component risk to runtime exposure (e.g., reachable code paths).
- Consolidate advisories; reduce alert noise with ownership & SLAs.
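The three SBOM bullets above describe one pipeline: read the CI-generated SBOM, match it against advisory feeds, collapse duplicate advisories, weight each hit by whether the component is actually reachable at runtime, and emit a PR check that only blocks on exposed critical issues while everything else becomes an owned ticket with an SLA. The following is an added example written for this page, not the page's or any project's code; the CycloneDX fragment, the advisory entries (placeholder IDs, fictional packages), the reachability set and the ownership table are all constructed, and the "reachability analysis" that produced the set is assumed to exist elsewhere.

```python
"""SBOM triage with exposure-weighted SLAs and a PR gate (added example, constructed data)."""
import json
from datetime import date, timedelta

# Constructed CycloneDX-style SBOM, as CI would attach it to the build.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"name": "examplelib", "version": "1.2.0", "purl": "pkg:pypi/examplelib@1.2.0"},
    {"name": "unusedtool", "version": "0.9.1", "purl": "pkg:pypi/unusedtool@0.9.1"},
    {"name": "corelib",    "version": "3.0.0", "purl": "pkg:pypi/corelib@3.0.0"}
  ]
}
"""

# Constructed advisories from two feeds. The first two describe the same issue under aliases.
ADVISORIES = [
    {"source": "feed-a", "id": "ADV-0001", "aliases": ["XYZ-2024-0001"], "purl": "pkg:pypi/examplelib@1.2.0", "severity": "critical"},
    {"source": "feed-b", "id": "XYZ-2024-0001", "aliases": ["ADV-0001"], "purl": "pkg:pypi/examplelib@1.2.0", "severity": "critical"},
    {"source": "feed-a", "id": "ADV-0002", "aliases": [], "purl": "pkg:pypi/unusedtool@0.9.1", "severity": "critical"},
    {"source": "feed-b", "id": "ADV-0003", "aliases": [], "purl": "pkg:pypi/corelib@3.0.0", "severity": "medium"},
]

# Assumed output of a reachability analysis (hypothetical): package names on a call path
# from the service's entry points. "unusedtool" ships in the image but is never called.
REACHABLE = {"examplelib", "corelib"}

# Ownership table (constructed) and remediation SLAs in days by severity.
OWNERS = {"examplelib": "team-payments", "corelib": "team-platform"}
SLA_BY_SEVERITY = {"critical": 7, "high": 14, "medium": 30, "low": 90}
SEV_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def canonical_id(adv):
    """Stable key so one issue reported by two feeds becomes one finding."""
    return min([adv["id"], *adv["aliases"]])


def triage(sbom_json, advisories, reachable, owners, today_iso):
    today = date.fromisoformat(today_iso)
    by_purl = {c["purl"]: c for c in json.loads(sbom_json)["components"]}
    findings = {}
    for adv in advisories:
        comp = by_purl.get(adv["purl"])
        if comp is None:
            continue  # advisory for something we do not ship
        key = (canonical_id(adv), adv["purl"])
        if key in findings:
            findings[key]["sources"].append(adv["source"])  # consolidate, do not double-alert
            continue
        exposed = comp["name"] in reachable
        # Unreachable code still gets fixed, but on a relaxed SLA rather than a page.
        sla_days = SLA_BY_SEVERITY[adv["severity"]] * (1 if exposed else 4)
        findings[key] = {
            "id": key[0], "purl": adv["purl"], "severity": adv["severity"], "exposed": exposed,
            "owner": owners.get(comp["name"], "unowned"),
            "due": (today + timedelta(days=sla_days)).isoformat(),
            "sources": [adv["source"]],
        }
    # Exposed first, then by severity, so the PR comment leads with what matters.
    return sorted(findings.values(), key=lambda f: (not f["exposed"], SEV_RANK[f["severity"]]))


def pr_check(findings):
    """Fail the check only for critical issues in reachable code; the rest are tickets with due dates."""
    blocking = [f for f in findings if f["severity"] == "critical" and f["exposed"]]
    status = "fail" if blocking else "pass"
    report = [f"{f['id']} {f['purl']} {f['severity']} exposed={f['exposed']} "
              f"owner={f['owner']} due={f['due']} via={','.join(f['sources'])}" for f in findings]
    return status, report


if __name__ == "__main__":
    status, report = pr_check(triage(SBOM_JSON, ADVISORIES, REACHABLE, OWNERS, "2024-01-01"))
    print(status)
    print("\n".join(report))
```

The gate deliberately ignores the unreachable critical finding on `unusedtool`; it still appears in the report with an owner and a due date four times longer than the exposed SLA, which is the noise-reduction trade the bullets call for.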
Cloud Security
Guardrails over gates in multi-cloud
- Baseline with CSPM; close the loop by enforcing the same controls as IaC policy checks and by detecting drift between declared and live state.
- Centralize key/cert lifecycle (HSM-backed) and enforce service identity.
- Automate exception reviews with expiry and risk scoring.
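The first and third bullets above describe a loop: compare the IaC-declared state with what the account actually looks like, evaluate guardrail controls against the live state, and route every violation through an exception register where each exception has an owner and an expiry, with expired or soon-to-expire exceptions surfacing automatically and a risk score deciding what gets attention first. Below is an added example written for this page, not code from the page or any tool; the resource records, the three controls, the exception register, the severity weights and the "internet-facing doubles the score" rule are all constructed assumptions.

```python
"""IaC drift detection plus exception review with expiry and risk scoring (added example, constructed data)."""
from datetime import date, timedelta

SEV_WEIGHT = {"critical": 10, "high": 7, "medium": 4, "low": 1}

# Constructed: what IaC declares versus what a CSPM scan observes in the account.
DESIRED = {
    "aws:s3:logs": {"encryption": "aws:kms", "public_access_block": True, "internet_facing": False},
    "aws:s3:site": {"encryption": "AES256", "public_access_block": False, "internet_facing": True},
    "aws:sg:web":  {"open_ports": [443], "internet_facing": True},
}
OBSERVED = {
    "aws:s3:logs": {"encryption": "AES256", "public_access_block": True, "internet_facing": False},  # drifted
    "aws:s3:site": {"encryption": "AES256", "public_access_block": False, "internet_facing": True},
    "aws:sg:web":  {"open_ports": [443, 22], "internet_facing": True},                                # drifted
}

# Guardrail controls: (id, severity, predicate that is True when the resource violates it).
CONTROLS = [
    ("s3-kms-encryption", "high",
     lambda rid, a: rid.startswith("aws:s3:") and a.get("encryption") != "aws:kms"),
    ("s3-public-access-block", "critical",
     lambda rid, a: rid.startswith("aws:s3:") and not a.get("public_access_block")),
    ("sg-no-ssh-from-internet", "critical",
     lambda rid, a: 22 in a.get("open_ports", [])),
]

# Constructed exception register: no entry without an owner and an expiry date.
EXCEPTIONS = [
    {"resource": "aws:s3:site", "control": "s3-public-access-block", "owner": "team-web", "expires": "2024-06-30"},
    {"resource": "aws:s3:site", "control": "s3-kms-encryption",      "owner": "team-web", "expires": "2024-01-10"},
    {"resource": "aws:sg:web",  "control": "sg-no-ssh-from-internet", "owner": "team-ops", "expires": "2023-12-15"},
]


def detect_drift(desired, observed):
    """Attributes where the live account no longer matches the IaC declaration."""
    drift = []
    for rid, want in desired.items():
        have = observed.get(rid, {})
        for attr, value in want.items():
            if have.get(attr) != value:
                drift.append((rid, attr, value, have.get(attr)))
    return drift


def risk_score(severity, attrs):
    """Severity weight, doubled for internet-facing resources (assumed scoring rule)."""
    return SEV_WEIGHT[severity] * (2 if attrs.get("internet_facing") else 1)


def evaluate(observed, exceptions, today_iso, review_window_days=14):
    """Run every control over the live state and decide an action per violation."""
    today = date.fromisoformat(today_iso)
    review_cutoff = today + timedelta(days=review_window_days)
    by_key = {(e["resource"], e["control"]): e for e in exceptions}
    findings = []
    for rid, attrs in observed.items():
        for cid, sev, violates in CONTROLS:
            if not violates(rid, attrs):
                continue
            exc = by_key.get((rid, cid))
            if exc is None:
                action = "remediate"
            elif date.fromisoformat(exc["expires"]) < today:
                action = "expired-exception"   # lapsed: back to an open violation, owner notified
            elif date.fromisoformat(exc["expires"]) <= review_cutoff:
                action = "review"              # about to lapse: owner re-justifies or fixes
            else:
                action = "excepted"
            findings.append({"resource": rid, "control": cid, "severity": sev,
                             "score": risk_score(sev, attrs), "action": action,
                             "owner": exc["owner"] if exc else None})
    # Open items first, highest risk first; still-valid exceptions at the bottom.
    findings.sort(key=lambda f: (f["action"] == "excepted", -f["score"]))
    return findings


if __name__ == "__main__":
    for d in detect_drift(DESIRED, OBSERVED):
        print("drift:", d)
    for f in evaluate(OBSERVED, EXCEPTIONS, "2024-01-01"):
        print(f["action"], f["score"], f["resource"], f["control"], f["owner"])
```

Note that drift and violation are different signals: `aws:s3:site` is non-compliant but not drifted (IaC declares it public, and a valid exception covers that), while `aws:sg:web` is both drifted and covered only by an exception that has already expired, which is exactly the case an unexpiring register would hide.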
AI & SecOps
Using AI to supercharge detection engineering
- Use LLMs to propose hypotheses; humans validate signal vs. noise.
- Codify detections as tests; track precision/recall across releases.
- Maintain guardrails: red-teaming prompts and model output logging.
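The second bullet above, detections codified as tests with precision and recall tracked across releases, is the mechanism by which the first bullet's human validation happens: a proposed rule change (whether from an analyst or an LLM) is scored against a labelled corpus before it ships. The following is an added example written for this page, not the page's or any product's code. The sshd-style log lines, the labelled set of malicious sources (RFC 5737 documentation addresses), and the two rule versions are all constructed.

```python
"""Detection-as-test: score two releases of a failed-login rule on labelled logs (added example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)"
)


def _line(ts, outcome, user, src):
    return f"{ts} sshd[4242]: {outcome} password for {user} from {src} port 50000 ssh2"


# Constructed corpus with ground truth: which sources are actually hostile.
LOG_LINES = (
    # 203.0.113.5: six failures in 25 seconds, then a success (fast credential guessing)
    [_line(f"2024-01-01T10:00:{s:02d}", "Failed", "root", "203.0.113.5") for s in range(0, 30, 5)]
    + [_line("2024-01-01T10:00:40", "Accepted", "root", "203.0.113.5")]
    # 198.51.100.7: an admin mistyping a password three times, one minute apart (benign)
    + [_line(f"2024-01-01T10:3{m}:00", "Failed", "alice", "198.51.100.7") for m in range(3)]
    + [_line("2024-01-01T10:33:00", "Accepted", "alice", "198.51.100.7")]
    # 192.0.2.9: low-and-slow guessing, one failure every five minutes, never succeeds
    + [_line(f"2024-01-01T11:{m:02d}:00", "Failed", "admin", "192.0.2.9") for m in range(0, 20, 5)]
)
MALICIOUS = {"203.0.113.5", "192.0.2.9"}


def parse(lines):
    """Parse log lines into (timestamp, outcome, user, source) tuples, skipping non-matching lines."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["outcome"], m["user"], m["src"]))
    return events


def failed_logins_burst(events, threshold, window):
    """Alert on any source with `threshold` failures inside some sliding `window`."""
    fails = defaultdict(list)
    for ts, outcome, _user, src in events:
        if outcome == "Failed":
            fails[src].append(ts)
    alerts = set()
    for src, times in fails.items():
        times.sort()
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                alerts.add(src)
                break
    return alerts


# Two releases of the same detection. v2 is the kind of "make it more sensitive"
# tweak a hypothesis generator might propose; the scores decide whether it ships.
RULES = {
    "v1": lambda ev: failed_logins_burst(ev, threshold=5, window=timedelta(minutes=1)),
    "v2": lambda ev: failed_logins_burst(ev, threshold=3, window=timedelta(minutes=10)),
}


def score(alerts, malicious):
    """Precision and recall of a set of alerted sources against the labelled malicious set."""
    tp = len(alerts & malicious)
    precision = tp / len(alerts) if alerts else 0.0
    recall = tp / len(malicious) if malicious else 0.0
    return precision, recall


def evaluate_releases(lines, malicious):
    events = parse(lines)
    return {name: score(rule(events), malicious) for name, rule in RULES.items()}


if __name__ == "__main__":
    for name, (p, r) in evaluate_releases(LOG_LINES, MALICIOUS).items():
        print(f"{name}: precision={p:.2f} recall={r:.2f}")
```

On this corpus v1 is precise but misses the slow guesser (recall 0.5); v2 catches it but also fires on the admin (precision 0.67). Neither number alone tells you which to ship, but recording both per release is what turns "the LLM suggested lowering the threshold" into a reviewable change.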