SlideShare a Scribd company logo

Just Enough Threat Modeling

Stephen de Vries, profile picture
Stephen de Vries

This document discusses techniques for optimizing threat modeling to require fewer resources. It proposes using templates and risk patterns to generate threats and countermeasures for common application components and use cases. This allows for more efficient "just enough" threat modeling compared to traditional manual methods. The document demonstrates how to decompose templates into reusable risk patterns and generate threat models through a rules engine. It also introduces the open source IriusRisk tool for implementing this approach.

Software
1 of 52
Downloaded 35 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
Just Enough Threat Modeling By Stephen de Vries @stephendv
About me Founder of Con+nuum Security SL Open Source BDD-Security project IriusRisk SDLC Risk Management solu+on 17 years in AppSec consul+ng Dev/Sec skill split
What is Threat Modeling? A.k.a: Architectural Risk Analysis
BSIMM 6 37% Perform design review of high risk applica+ons 28% Have SoQware Security Group lead design review efforts 85% Perform security feature review Ra+o of SoQware Security to Dev + QA = 1 to 245 Participating Firms The 78 participating organizations are drawn from four well-represented verticals (with some overlap): financial services (33), independent software vendors (27), consumer electronics (13), and healthcare (10). Verticals with lower representation in the BSIMM population include: insurance, telecommunications, security, retail, and energy. Those companies among the 78 who graciously agreed to be identified include: Adobe, Aetna, ANDA, Autodesk, Bank of America, Black Knight Financial Services, BMO Financial Group, Box, Capital One, Cisco, Citigroup, Comerica, Cryptography Research, Depository Trust and Clearing Corporation, Elavon, EMC, Epsilon, Experian, Fannie Mae, Fidelity, F-Secure, HP Fortify, HSBC, Intel Security, JPMorgan Chase & Co., Lenovo, LinkedIn, Marks & Spencer, McKesson, NetApp, NetSuite, Neustar, Nokia, NVIDIA , PayPal, Pearson Learning Technologies, Qualcomm, Rackspace, Salesforce, Siemens, Sony Mobile, Symantec, The Advisory Board, The Home Depot, TomTom, trainline, U.S. Bank, Vanguard, Visa, VMware, Wells Fargo, and Zephyr Health On average, the 78 participating firms had practiced software security for 3.98 years at the time of assessment (ranging from less than a year old to 15 years old as of October, 2015). All 78 firms agree that the success of their of software security it has not previously been applied at this scale. Previous work has either described the experience of a single organization or offered prescriptive guidance based only on a combination of personal experience and opinion. simply reported.
Security cannot slow down development
Ar+sanal HandcraQed Threat Models since 1999
Accuracy 25% 50% 75% 100% Resources required (Time + Skill) Threat Modelling Process
Accuracy 25% 50% 75% 100% Resources required (Time + Skill) Threat Modelling Process The hard stuff The easy stuff
Accuracy 25% 50% 75% 100% Resources required (Time + Skill) Threat Modelling Process The hard stuff The easy stuff
Workshop/Analysis based Threat Modelling Threat Modelling with Templates / Pa[erns
Op+mising with templates / checklists
Use a 3rd party auth provider Countermeasure 2 Only if Countermeasure 2 is not an op+on Use Company X SSO for all Internet facing applica+ons OWASP ASVS as a Threat Model Template V2.13 Verify that account passwords are protected using an adap+ve key deriva+on func+on, salted using a salt that is unique to that account… Countermeasure 1 If the DB is compromised then a[ackers could also compromise users’ authen+ca+on creden+als Threat
Web Applica+on Threat Model Template
Problems with a one size fits all approach Threat Model Template 100% Accurate Threat Model of System
Problems with a one size fits all approach 100% Accurate Threat Model of System Threat Model Template
Deconstruct the template into components TM Template for DB TM Template for Web Service TM Template for WebUI
•HTML Web UI Threat Template.xlsx •Mobile Device Threat Template.xlsx •NoSQL Database Threat Template.xlsx •SQL Database Threat Template.xlsx •HTTP Service Threat Template.xlsx •REST Web Service Threat Template.xlsx •SOAP Web Service Threat Template.xlsx •Amazon EC2 Threat Template.xlsx •Connec+on to Third Party API Threat Template.xlsx
•HTML Web UI Threat Template.xlsx •Mobile Device Threat Template.xlsx •NoSQL Database Threat Template.xlsx •SQL Database Threat Template.xlsx •HTTP Service Threat Template.xlsx •Authen+ca+on •Creden+als Reset •User Registra+on •Profile Update •Inter account funds transfer •Na+onal funds transfer •Interna+onal funds transfer •… •REST Web Service Threat Template.xlsx •SOAP Web Service Threat Template.xlsx
• HTML Web UI Threat Template.xlsx • Authen+ca+on • Mobile Device Threat Template.xlsx • Authen+ca+on • Creden+als Reset • Profile Update • NoSQL Database Threat Template.xlsx • SQL Database Threat Template.xlsx • HTTP Service Threat Template.xlsx • Authen+ca+on • Creden+als Reset • User Registra+on • Profile Update • Inter account funds transfer • Na+onal funds transfer • Interna+onal funds transfer • … • REST Web Service Threat Template.xlsx • Authen+ca+on • Profile Update • Funds Transfer • SOAP Web Service Threat Template.xlsx
Introducing Risk Patterns Re-usable patterns of threats + countermeasures that apply to a slice of architecture
Web UI Web ServiceAuthen+cate Worked Example: Web Authen+ca+on
Threat A: Dictionary attack against username using common password Threat B: Login bypassed by replaying credentials stored in Browser Threat C: Credentials posted to a spoofed server Web UI Web ServiceAuthen+cate Threat D: Legitimate users cannot access the site because of DoS
Use Case: AuthenIcate Threat A: Dictionary attack against username using common password Countermeasure 1: Implement password quality checks Countermeasure 2: Rate limit authen+ca+on a[empts from same IP Threat B: Login bypassed by replaying credentials stored in Browser Countermeasure 4: Set AUTOCOMPLETE to false on login form Countermeasure 5: Enable TLS on the server Countermeasure 6: Set the HSTS Header Threat C: Credentials posted to a spoofed server Countermeasure 3: Require the use of 2FA Threat D: Legitimate users cannot access service because of DoS Countermeasure 7: Enable upstream DoS protec+on
•Are the threat+countermeasures inherent in this type of component ? •Are the threat+countermeasures inherent in the use-case? •Are the threat+countermeasures specific to this use-case in this component? Web UI Web ServiceAuthen+cate Iden+fy Pa[erns
Threat A: Dictionary attack against username using common password Countermeasure 1: Implement password quality checks Countermeasure 2: Rate limit authen+ca+on a[empts from same IP Threat B: Login bypassed by replaying credentials stored in Browser Countermeasure 4: Set AUTOCOMPLETE to false on login form Countermeasure 5: Enable TLS on the server Countermeasure 6: Set the HSTS Header Threat C: Credentials posted to a spoofed server Countermeasure 3: Require the use of 2FA Threat D: Legitimate users cannot access service because of DoS Countermeasure 7: Enable upstream DoS protec+on Web Service+ Authen+ca+on WebUI+Authen+ca+on Web Service+Authen+ca+on Web Service
Does the pa[ern apply in a more generic form? Can a varia+on of the pa[ern be applied to a similar component or use-case? Op+mise for re-use
Threat A: Dictionary attack against username using common password Countermeasure 1: Implement password quality checks Countermeasure 2: Rate limit authen+ca+on a[empts from same IP Countermeasure 3: Require the use of 2FA Risk Pattern: User/Pass Authentication against any Service Web Service + Authen+ca+on
Risk Pattern: Authentication from WebUI Threat B: Login bypassed by replaying credentials stored in Browser Countermeasure 4: Set AUTOCOMPLETE to false on login form WebUI+Authen+ca+on
Risk Pattern: Authentication from Mobile Client Threat B: Login bypassed by replaying credentials stored on device Countermeasure 4: Do not store creden+als on the device Countermeasure 5: Encrypt the creden+als stored on the device using the passcode Risk Pattern: Authentication from WebUI Threat B: Login bypassed by replaying credentials stored in Browser Countermeasure 4: Set AUTOCOMPLETE to false on login form Can a varia+on of the pa[ern be applied to a similar component or use-case?
Countermeasure 5: Enable TLS on the server Countermeasure 6: Set the HSTS Header Threat C: Credentials posted to a spoofed server Risk Pattern: Authentication against an HTTP Service Web Service+Authen+ca+on
Risk Pattern: Generic-Service Threat D: Legitimate users cannot access service because of DoS Countermeasure 7: Enable up-stream DoS protec+onWeb Service
Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Client ServerAuthen+cate Generated Threats & Countermeasures Risk Pattern: Generic-Service
Web UI Web Service U/P Authen+cate Generated Threats & Countermeasures Threat A: Dictionary attack against username using common password Implement password quality checks Rate limit connec+ons from the same IP address Require the use of 2FA Threat B: Credentials posted to a spoofed server Set the HSTS header Enable TLS on the server Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service Threat D: Legitimate users cannot access service because of DoS Enable up-stream DoS preven+on
Web UI Web Service Authen+cate Generated Threats & Countermeasures Threat B: Login bypassed by replaying credentials stored in Browser Set AUTOCOMPLETE to false on login form Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service
Web UI on Mobile Web ServiceAuthen+cate Generated Threats & Countermeasures Threat B: Login bypassed by replaying credentials stored on device Do not store creden+als on the device Encrypt the creden+als stored on the device using the passcode Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service
Web UI REST API Token Auth Generated Threats & Countermeasures Threat B: Credentials posted to a spoofed server Set the HSTS header Enable TLS on the server Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service Threat D: Legitimate users cannot access service because of DoS Enable up-stream DoS preven+on
Web UI SSH Service U/P Authen+cate Generated Threats & Countermeasures Threat A: Dictionary attack against username using common password Implement password quality checks Rate limit connec+ons from the same IP address Require the use of 2FA Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service Threat D: Legitimate users cannot access service because of DoS Enable up-stream DoS preven+on
OS NTP Service Get Time Generated Threats & Countermeasures Risk Pattern: User/Pass Authentication against a Service Risk Pattern: Authentication against an HTTP Service Risk Pattern: Authentication from WebUI Risk Pattern: Authentication from Mobile Device Risk Pattern: Generic-Service Threat D: Legitimate users cannot access service because of DoS Enable up-stream DoS preven+on
Generic-Service HTTP-Service JSON-Service Server-side Session Data-store SQL DB NoSQL DB Generic-Client Thick Client HTML/JS Client Mobile Client SOAP-Service Sensi+ve Data-Transport Hierarchical Risk Pa[ern Library AuthN AuthN-SF AuthN-2FA UserPass Token Client-side Session
Just Enough Threat Modeling
What type of component are you building? Web Service Mobile client Web UI How are users authen+cated? Username & Password 2FA No auth Rules Engine Generic-Service HTTP-Service Stateful-Session SF-Auth SF-Auth-HTTP-Service Sensi+ve-DataTransport Risk Patterns
rule “SF-AUTH for HTTP-Service“ when RiskPa[ern(ref == “HTTP-SERVICE") RiskPa[ern(ref == “SF-Auth“) then insertLogical(new RiskPa[ern(“SF-Auth-HTTP-Service“)); insertLogical(new RiskPa[ern(“Stateful-Session“)); insertLogical(new RiskPa[ern(“Sensi+ve-DataTransport“)); end rule “User chooses Web Service“ when Ques+on(id == “web.service”, answer == true) then insertLogical(new RiskPa[ern("HTTP-SERVICE")); end rule “User chooses User/Pass auth“ when Ques+on(id == “auth.user.pass”, answer == true) then insertLogical(new RiskPa[ern(“SF-Auth")); end
Advantages Speed and scale threat modelling Create a persistent Threat/Countermeasure knowledge-base Improved consistency
Disadvantages Checklists short-circuit thinking about the problem Garbage In Garbage Out
Community Edition https://github.com/continuumsecurity/IriusRisk
Derive a threat model from an architecture questionnaire
Manage risk by applying countermeaures… Or accepting the risk
Push countermeasures directly to Jira
Auto-sync countermeasure state with Jira
Publishing threat models as Templates for use by other users
Accuracy 25% 50% 75% 100% Resources required (Time + Skill) Tool vendors for Threat Modeling http://mozilla.github.io/seasponge Visio + Excel
https://github.com/continuumsecurity/IriusRisk www.continuumsecurity.net Questions? @stephendv

More Related Content

PPTX
Automating security tests for Continuous Integration
Stephen de Vries
 
PDF
Vulnerabilities are bugs, Let's Test For Them!
VAddy
 
PPTX
Continuous and Visible Security Testing with BDD-Security
Stephen de Vries
 
PDF
T23 HTML5 Security Testing at Spotify
TechWell
 
PDF
SecDevOps - The Operationalisation of Security
Dinis Cruz
 
PPTX
Integrating security into Continuous Delivery
Tom Stiehm
 
PPTX
Continuous Security Testing in a Devops World #OWASPHelsinki
Stephen de Vries
 
PPTX
Continuous Security Testing with Devops - OWASP EU 2014
Stephen de Vries
 
Automating security tests for Continuous Integration
Stephen de Vries
 
Vulnerabilities are bugs, Let's Test For Them!
VAddy
 
Continuous and Visible Security Testing with BDD-Security
Stephen de Vries
 
T23 HTML5 Security Testing at Spotify
TechWell
 
SecDevOps - The Operationalisation of Security
Dinis Cruz
 
Integrating security into Continuous Delivery
Tom Stiehm
 
Continuous Security Testing in a Devops World #OWASPHelsinki
Stephen de Vries
 
Continuous Security Testing with Devops - OWASP EU 2014
Stephen de Vries
 

What's hot (19)

PDF
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Christian Schneider
 
PPTX
OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav
Abhay Bhargav
 
PDF
SecDevOps
Peter Lamar
 
PPTX
Simplify Dev with Complicated Security Tools
Kevin Fealey
 
PDF
Devops security-An Insight into Secure-SDLC
Suman Sourav
 
PPTX
we45 SecDevOps Presentation - ISACA Chennai
Abhay Bhargav
 
PPTX
Implementing an Application Security Pipeline in Jenkins
Suman Sourav
 
PPTX
DevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon
 
PDF
A Successful SAST Tool Implementation
Checkmarx
 
PDF
we45 - SecDevOps Concept Presentation
Abhay Bhargav
 
PPTX
SecDevOps 2.0 - Managing Your Robot Army
conjur_inc
 
PDF
Automated Security Testing
seleniumconf
 
PDF
DevSecOps: Minimizing Risk, Improving Security
Franklin Mosley
 
PDF
Better Security Testing: Using the Cloud and Continuous Delivery
Gene Gotimer
 
PDF
DevSecOps | DevOps Sec
Rubal Jain
 
PPTX
Unit testing : what are you missing for security
Suman Sourav
 
PDF
we45 - Infrastructure Penetration Testing with LeanBeast Case Study
Abhay Bhargav
 
PPTX
DevSecOps : an Introduction
Prashanth B. P.
 
PDF
Dev seccon london 2016 intelliment security
DevSecCon
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Christian Schneider
 
OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav
Abhay Bhargav
 
SecDevOps
Peter Lamar
 
Simplify Dev with Complicated Security Tools
Kevin Fealey
 
Devops security-An Insight into Secure-SDLC
Suman Sourav
 
we45 SecDevOps Presentation - ISACA Chennai
Abhay Bhargav
 
Implementing an Application Security Pipeline in Jenkins
Suman Sourav
 
DevSecCon London 2017: when good containers go bad by Tim Mackey
DevSecCon
 
A Successful SAST Tool Implementation
Checkmarx
 
we45 - SecDevOps Concept Presentation
Abhay Bhargav
 
SecDevOps 2.0 - Managing Your Robot Army
conjur_inc
 
Automated Security Testing
seleniumconf
 
DevSecOps: Minimizing Risk, Improving Security
Franklin Mosley
 
Better Security Testing: Using the Cloud and Continuous Delivery
Gene Gotimer
 
DevSecOps | DevOps Sec
Rubal Jain
 
Unit testing : what are you missing for security
Suman Sourav
 
we45 - Infrastructure Penetration Testing with LeanBeast Case Study
Abhay Bhargav
 
DevSecOps : an Introduction
Prashanth B. P.
 
Dev seccon london 2016 intelliment security
DevSecCon
 
Ad

Viewers also liked (17)

PDF
MongoDB NoSQL database a deep dive -MyWhitePaper
Rajesh Kumar
 
PDF
Webinar - Bringing Game Changing Insights with Graph Databases
DataStax
 
PDF
Threat modeling with architectural risk patterns
Stephen de Vries
 
PDF
2017 iosco research report on financial technologies (fintech)
Ian Beckett
 
PPTX
Threat Modeling And Analysis
Lalit Kale
 
PDF
CV
Alpana Chaphalkar
 
PPTX
Tugas4 1412510602 dewi_apriliani
dewiapril1996
 
PPTX
Comparing 30 MongoDB operations with Oracle SQL statements
Lucas Jellema
 
PDF
Tracxn Research - Healthcare Analytics Landscape, February 2017
Tracxn
 
PDF
Scalable threat modelling with risk patterns
Stephen de Vries
 
PDF
Tracxn Research - Mobile Advertising Landscape, February 2017
Tracxn
 
PPTX
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
Oleg Shalygin
 
PPTX
Introducing NoSQL and MongoDB to complement Relational Databases (AMIS SIG 14...
Lucas Jellema
 
PPTX
Webinar: Fighting Fraud with Graph Databases
DataStax
 
PDF
2015 Internet Trends Report
IQbal KHan
 
PPTX
Tugas 4 0317-fahreza yozi-1612510832 -
fahreza yozi
 
PDF
Security as Code: DOES15
Ed Bellis
 
MongoDB NoSQL database a deep dive -MyWhitePaper
Rajesh Kumar
 
Webinar - Bringing Game Changing Insights with Graph Databases
DataStax
 
Threat modeling with architectural risk patterns
Stephen de Vries
 
2017 iosco research report on financial technologies (fintech)
Ian Beckett
 
Threat Modeling And Analysis
Lalit Kale
 
CV
Alpana Chaphalkar
 
Tugas4 1412510602 dewi_apriliani
dewiapril1996
 
Comparing 30 MongoDB operations with Oracle SQL statements
Lucas Jellema
 
Tracxn Research - Healthcare Analytics Landscape, February 2017
Tracxn
 
Scalable threat modelling with risk patterns
Stephen de Vries
 
Tracxn Research - Mobile Advertising Landscape, February 2017
Tracxn
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
Oleg Shalygin
 
Introducing NoSQL and MongoDB to complement Relational Databases (AMIS SIG 14...
Lucas Jellema
 
Webinar: Fighting Fraud with Graph Databases
DataStax
 
2015 Internet Trends Report
IQbal KHan
 
Tugas 4 0317-fahreza yozi-1612510832 -
fahreza yozi
 
Security as Code: DOES15
Ed Bellis
 
Ad

Similar to Just Enough Threat Modeling (20)

PDF
Integrated Security for Software Development and Advanced Penetration Testing...
Symptai Consulting Limited
 
PDF
Social Enterprise Rises! …and so are the Risks - DefCamp 2012
DefCamp
 
PPTX
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
lior mazor
 
PDF
Continuous security
Kim van Wilgen
 
PDF
Saas security stock company
임채호 박사님
 
PDF
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Core Security
 
PDF
Top 9 Data Security Trends for 2012
Imperva
 
PDF
Crowdsourced Vulnerability Testing
London School of Cyber Security
 
PDF
[OPD 2019] Threat modeling at scale
OWASP
 
PDF
ScotSecure Cyber Security Summit 2025 Edinburgh
Ray Bugg
 
PDF
Insider's Guide to the AppExchange Security Review (Dreamforce 2015)
Salesforce Partners
 
PDF
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Codecamp Romania
 
PPTX
Top Application Security Trends of 2012
DaveEdwards12
 
PDF
Safeguarding Your Mission Understanding Common Security Threats and How to P...
TechSoup
 
PDF
Securing the Future of Applications Meetup 18092024
lior mazor
 
PPTX
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24
 
PDF
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
James Strong
 
PPTX
Introduction Sebyde BV | Security Testing | Security Awareness | Secure Devel...
Derk Yntema
 
PDF
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
sucesuminas
 
PDF
Top 6 Web Application Security Best Practices.pdf
SolviosTechnology
 
Integrated Security for Software Development and Advanced Penetration Testing...
Symptai Consulting Limited
 
Social Enterprise Rises! …and so are the Risks - DefCamp 2012
DefCamp
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
lior mazor
 
Continuous security
Kim van Wilgen
 
Saas security stock company
임채호 박사님
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Core Security
 
Top 9 Data Security Trends for 2012
Imperva
 
Crowdsourced Vulnerability Testing
London School of Cyber Security
 
[OPD 2019] Threat modeling at scale
OWASP
 
ScotSecure Cyber Security Summit 2025 Edinburgh
Ray Bugg
 
Insider's Guide to the AppExchange Security Review (Dreamforce 2015)
Salesforce Partners
 
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Codecamp Romania
 
Top Application Security Trends of 2012
DaveEdwards12
 
Safeguarding Your Mission Understanding Common Security Threats and How to P...
TechSoup
 
Securing the Future of Applications Meetup 18092024
lior mazor
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24
 
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
James Strong
 
Introduction Sebyde BV | Security Testing | Security Awareness | Secure Devel...
Derk Yntema
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
sucesuminas
 
Top 6 Web Application Security Best Practices.pdf
SolviosTechnology
 

Recently uploaded (20)

PDF
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PPTX
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
PDF
AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengov...
Arun Kumar Elengovan
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Complete Guide to Website Development in Malaysia for SMEs
Asian Business Services & Technologies
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PPTX
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
Website Design Services for Small Businesses.pdf
ecomme9
 
AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengov...
Arun Kumar Elengovan
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Complete Guide to Website Development in Malaysia for SMEs
Asian Business Services & Technologies
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
assetexplorer- product-overview - presentation
nonameist3434
 

Just Enough Threat Modeling