Announcements
Voting is now open!
Members, make your selections in the annual (ISC)² Board of Directors election. Vote Now! Voting is open until Sept. 22.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
neevarp
Newcomer I

Threat modeling for new company

Hi Valuable members,

 

I am new to this community and this forum. I wanted to get your guidance on few things.

 

For a new Security product company focusing on end point security. The company does not have any Security or Cybersecurity framework, governance, compliance, threat modeling, risk management, etc.. 

 

Where do I start and what are the important documents I need to be fully cybersecurity aware company. 

 

Hope all the experts and veterans in this field will shed some light on this and help this company be cybersecurity ready from all aspects.

 

Kind regards

Neevarp

2 Replies
Steve-Wilme
Advocate I

Re: Threat modeling for new company

MITRE ATT&CK would be a good place to start.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
neevarp
Newcomer I

Re: Threat modeling for new company

Thank you Steve