Blog | Threat Model Co

Security Insights May 9, 2025

Security Insights: Identity Evolved, Supply Chain Risks & Active Exploits

A curated collection of security developments and research from across the industry, with practical insights and analysis.

ai threat intelligence

Read more →

Security Insights May 2, 2025

Security Insights: Zero-Days, APTs and AI Risks

A curated collection of security developments and research from across the industry, with practical insights and analysis.

ai threat intelligence

Read more →

Cybersecurity Apr 30, 2025

Insider Threats Are Evolving: Is Your Threat Model?

Examines the evolving insider threat landscape, focusing on state-sponsored DPRK IT workers who infiltrate organisations via fraudulent hiring, their motives, TTPs, and necessary defence adaptations including enhanced vetting and technical controls.

threat modeling

Read more →

AI Security Apr 30, 2025

LlamaFirewall: AI Agent Open-Source Guardrail System

An overview of LlamaFirewall, an open-source guardrail system for AI agents, detailing its components: PromptGuard 2, AlignmentCheck, and CodeShield.

ai

Read more →

Cybersecurity Apr 23, 2025

Insights from Mandiant M-Trends 2025 Threat Report

Key findings from the Mandiant M-Trends 2025 report, including shifts in initial access vectors like stolen credentials, cloud compromise tactics, and the risks of unsecured data.

threat intelligence

Read more →

AI Security Apr 19, 2025

Hands-On with the Agent Development Kit (ADK): A Security Triage PoC

A first look at the Google Agent Development Kit (ADK), testing its multi-agent delegation capabilities with a security alert triage Proof-of-Concept.

ai

Read more →

Cybersecurity Apr 15, 2025

Zero Trust Maturity Model: Assessing Identity Maturity

A look at the Identity pillar in CISA's Zero Trust Maturity Model. Learn about the key Functions and vendor-agnostic steps towards better identity security.

zero trust

Read more →

Cybersecurity Apr 14, 2025

Zero Trust: What It Is and Why It Matters

Explains the Zero Trust security model ("Never Trust, Always Verify"), its key drivers like digital transformation and remote work, its benefits for compliance, and the CISA framework for implementation.

zero trust

Read more →

AI Security Apr 6, 2025

The AI Security Balance: Criminal Exploitation vs. Defensive Innovation

Examines the dual use of AI in security, covering criminal exploitation tactics highlighted by the Alan Turing Institute and defensive advancements like Google Sec-Gemini v1.

ai cybersecurity threat intelligence +5 more

Read more →

Cloud Security Apr 4, 2025

Automating Cloud Compliance Checks with Best Practices in AWS, Azure and GCP

Explore how automating cloud compliance checks in AWS, Azure, and GCP using native tools can reduce risk, save costs, and improve security posture.

cloud security compliance aws +2 more

Read more →

Threat Modeling Apr 2, 2025

Threat Modeling with Attack Trees

Learn the basics of threat modeling using attack trees, including how to build them, practical examples, and mapping to MITRE ATT&CK.

threat modeling

Read more →

Cybersecurity Mar 21, 2025

Actionable Defences Against AI-Powered Phishing

Learn how AI is transforming phishing attacks and discover practical strategies to protect your organisation against sophisticated AI-powered social engineering attempts.

phishing ai threat modeling

Read more →

Threat Modeling Mar 21, 2025

Threat Modeling's Blind Spots: Navigating the Complexities of Scope Definition

Discover how proper scope definition in threat modeling can uncover hidden vulnerabilities and strengthen your security posture through systematic boundary analysis.

threat modeling

Read more →

AI Security Mar 20, 2025

MCP Security 101: Exploring AIs Universal Connector

Explore how the Model Context Protocol works as a universal connector for AI systems, and security considerations when implementing it.

mcp ai

Read more →