Subscribe now to our monthly “Threat Modeling Insider” TMI newsletter – packed full of expert advice and articles to get you started with threat modeling. Threat modeling has always been a passion and a cornerstone of the security services we provide. It helps to identify and mitigate potential security issues early on, when they are…
I love working with OWASP because I strongly believe in the values of knowledge sharing and community building. I personally started the OWASP Belgium chapter in Belgium in 2005. Today, I am also very active as co-leader on the OWASP SAMM project. When I started my company Toreon (cyber security consulting), I tried to instil the same values…
One of Toreon’s key values is the gathering and sharing of knowledge. We try to encourage our own people to do this all the time and actively facilitate this. Knowledge grows exponentially when shared and combined with people of all knowledge levels, even if they come from different IT security domains. This made us realise…
On 5-June Seba delivered the talk “Adding Privacy by Design in Secure Application Development” at the OWASP Europe conference in London. Seba addressed the complex GDPR challenge for developers as part of a Secure Development Lifecycle approach. The presentation covered: • GDPR requirements covering design, data lifecycle, users and end of life aspects • Privacy…
In previous blogs you could already read about what threat modeling is, and about the 4 steps. In practice, however, threat modeling is more than just a technical analysis of your application. The threat landscape is constantly evolving, and so is your organisation. Therefore, you need to understand the technical and business context, and create…
At the last Privacy Café*, held in Mechelen on October 23rd, Seba Deleersnyder, co-founder and managing partner of Toreon, and Siebe De Roovere, Privacy and Information Secruity Expert at Toreon, explained to the Café’s guests how to combine Privacy by Design with the SDLC and objectively prove that your organization meets all of the set…
Proud sponsor! We are a proud Diamond sponsor of BruCON 2017 because we: Believe in supporting the IT security community in Belgium. Like the really excellent line-up: http://2017.brucon.org/index.php/Schedule Bring our consultants to the trainings and conference: to increase their knowledge and build our community network. Are on the lookout for new colleagues to join our…
Did you know that the GDPR and SDLC re-inforce each other and that the GDPR can be used as the ideal business case to start with SDLC? Siebe and I explained how and why during the OWASP AppSec Europe conference in Belfast. Couldn’t attend? You can find the presentation in our previous blog, or begin…
Last week Thursday we delivered our presentation “Embedding GDPR in the SDLC” at the OWASP AppSec Europe conference in Belfast. The presentation is the outcome of various projects where we encounter both privacy and application security challenges. Siebe De Roovere (one of our privacy specialists) and myself have worked on integrating GDPR compliance requirements in…
In a previous blogpost we explained what penetration testing is and how it can help improve your security. Time to take a closer look at the 7 benefits pentests have for your company. Reveal vulnerabilities Penetration testing explores existing weaknesses in your system or application configurations and network infrastructure. Even actions and habits of your…
In order to inform you of our policies and activities with respect to the collection, use and transfer of Personal Data on our websites, you can find an electronic copy of our Privacy Notice here.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.