Books

Risk-Centric Threat Modeling

The Process for Attack Simulation and Threat Analysis (PASTA) is a risk-centric threat modeling methodology designed to align security efforts with business objectives and the potential impact of threats. Unlike traditional methods, PASTA emphasizes simulating realistic attack scenarios and assessing risks in a structured, iterative process.

Application Security Guide for CISOs

The Application Security Guide for CISOs seeks to help CISOs manage application security programs according to their own roles, responsibilities, perspectives and needs. Application security best practices and OWASP resources are referenced throughout the guide.

Blockchain Application Security: How to Design Secure and Attack Resilient Blockchain Applications

Blockchain Application Security introduces the reader to the architecture and components of blockchain, as well as the blockchain and bitcoin protocols, aiming for a basic level of understanding from the technical perspective. The book discusses the benefits, the vulnerabilities, and even the design flaws found in blockchain applications. It also teaches how to manage the risks of blockchain by deciding how digital assets, data confidentiality, and data availability should be protected from unauthorized access.

The OWASP AI Testing Guide

The OWASP AI Testing Guide seeks to help security leaders, practitioners, and developers understand and manage the security risks associated with modern AI systems. The guide provides practical testing methodologies, threat modeling approaches, and references to OWASP resources to support organizations in evaluating and securing AI applications, including LLM-based and generative AI systems.