Cumulus

Cumulus, from TNG Technology Consulting, is a cloud-centered version of Elevation of Privilege. Their suits are “access + secrets”, “delivery”, “recovery” “monitoring” and “resources.” I think its a good group, and I think they’ve done a good job defining threats. They seem likely enough in the real world, broad enough that they’ll provoke a discussion, and they written clearly.

Originally published by Adam on 06 Apr 2023
Categories:   application security   cloud security   threat modeling   threat model thursday