SensePost
SensePost
Services
Education
About Us
Careers
Blog
Get in Touch
Our Blog
Our news
All you need to know
2019 (7)
2018 (14)
2017 (27)
2016 (22)
2015 (17)
2014 (15)
2013 (30)
2012 (27)
2011 (33)
2010 (36)
2009 (81)
2008 (75)
2007 (80)
Categories
Categories
Cve (5)
Exploit (13)
Variant analysis (1)
Vulnerability research (1)
Code analysis (1)
Cve-2019-15937 (1)
Cve-2019-15938 (1)
Ql (1)
Semmle (1)
Vulnerability (2)
Unknowncategory (1)
Frida (3)
Metasploit (5)
Meterpreter (1)
Objection (1)
Defcon (8)
Relay (1)
Rogue-ap (5)
Tool (2)
Wifi (10)
Cve-2019-0547 (1)
Cve-2019-0726 (1)
Dhcp (1)
Kb4480966 (1)
Patch diffing (1)
Research (72)
Diffing (1)
Protocol (1)
Windows (4)
Backdoor (3)
Lsass (1)
Password (1)
Deepdive (2)
Ios (6)
Mac (16)
Rf (1)
Exploit development (1)
Internals (4)
Webapps (12)
0day (1)
Cve-2018-19204 (1)
Prtg network monitor (1)
Web application (1)
How-to (4)
Howto (23)
Webassembly (1)
Opsec (1)
Tin-foil-hat (8)
Bypass (3)
Command execution (1)
Dns (1)
Experiment (2)
Ioc (1)
Malware (2)
Tools (78)
Tunnelling (2)
Mitm (5)
Heap (7)
Heap linux (7)
Heap overflow (4)
Apngopt (2)
Exploitaion (4)
Bash (1)
Curl (1)
Efficiency (1)
Shell (1)
Mq (1)
Detection (1)
Analysis (13)
Build-it (5)
Interception (1)
Tricks (6)
Sdr (3)
Active directory (2)
Cracking (1)
Gdb (1)
Apng (1)
Android (4)
Double free (2)
Linux (4)
Automated network scanner (2)
Challenge (4)
Bsides (1)
Go go go (1)
Screenshot (1)
Crypto (9)
Office (1)
Burp (1)
Certificates (2)
Defence (1)
Hardware (3)
Skimmers (1)
Materials (5)
Reversing (14)
Pwnage friday (1)
Painless (1)
Ptmalloc2 (1)
About:us (46)
Mobile (15)
Blackhat (43)
Training (54)
Apache server (1)
Fuzzing (1)
Httpd (1)
Afl (1)
Cve-2017-7668 (1)
Printf (1)
Conferences (91)
Ook (1)
External (1)
Shells (4)
Troopers (1)
Abuse (1)
Empire (3)
Programming (19)
Real-world (19)
Fun (57)
B-sides (5)
Nmap (2)
Presentations (9)
Dll injection (1)
Hooking (2)
Anti-virus (1)
Maltego (6)
Snoopy (3)
Pentest (6)
Powershell (2)
Usb (1)
Defense (3)
Infrastructure (5)
Blackbox (1)
Ransomware (1)
Post-exploitation (4)
Skype (3)
Transforms (1)
Zacon (1)
Willemluvscuddles (1)
Clickjacking (2)
Hipsterlurv (1)
Jack (1)
Hipster (1)
Ssl (1)
.za (3)
Jobs (5)
Product (4)
#legit (1)
Press release (4)
Interns (1)
Python (9)
Broadview (4)
Xml (1)
Malware analysis (1)
44con (6)
Show-off (1)
Z-force (1)
Z-wave (1)
Infosec-soapies (26)
Local (8)
Silly-yammerings (21)
Google (1)
Memory analysis (1)
Footprinting (2)
Hackathon (1)
Privacy (7)
Community (21)
Surveillance (1)
Solution (1)
Rsa (1)
Secureid (1)
Crest (1)
Sap (2)
Threat modelling (6)
Rambling (2)
Uk (2)
Zaprize (2)
Auditors (1)
Metrics (3)
Risk management (2)
Vendors (7)
Metricon (2)
Report-info (1)
Uncon (2)
Windows phone (1)
Auctions (1)
Penny (1)
Pickle (4)
Consulting (1)
Policy (1)
Ccdcoe (1)
Estonia (1)
.ac.za (1)
Vulnerability management (10)
Travel (2)
Suru (1)
Cloud (12)
Memcached (2)
Management (1)
Risk (1)
Proxy (1)
Hackrack (2)
Goodbye (1)
Fail (3)
Imsojaded (2)
Pci (2)
Videos (6)
Hope? (2)
Wasc (1)
Security-news (6)
Mindless-politics (4)
Security-fyi (8)
Qo[w|m|?] (4)
Time-waster (6)
Tech-toys (3)
Zen-hacking (3)
Foos (1)
Readme (1)
Web_x.0 (2)
Mindmaps (1)
Writing-advice (1)
Close
Squinting at Security Drivers and Perspective-based Biases
Reading time: ~12 min
Posted by dominic on 28 October 2011
Categories:
Auditors
,
Metrics
,
Risk management
,
Threat modelling
,
Vendors
While doing some thinking on threat modelling I started examining what the usual drivers of security spend and controls are...