03 March 2026

Secure Software Starts with Threat Modeling, Not Scanning

Early-stage security programs often measure success by the number of vulnerabilities closed. Mature programs measure it by how much risk actually goes down. Instead of treating every finding as equal, they weigh attacker intent, system exposure, and business impact, balancing technical severity (CVSS, EPSS) with architectural and operational context.

Amir Kavousian
AI
Appsec
threat-modeling
Read More
Reza Khosravi
30 Sep 2025
How Threat Modeling Became the New Compliance Must-Have in FinTech

Appsec
GRC
Regulation
fintech
Amir Kavousian
14 Jun 2025
Secure Design Is the New Front Line of AppSec

The future of AppSec isn't about chasing bugs or triaging alerts. It's about capturing intent, governing design, and enabling every contributor (human or AI) to build securely by default.

Appsec
AI
threat-modeling
Amir Kavousian
14 Nov 2024
AI-Native Development and the Future of AppSec

Appsec
AI
Amir Kavousian
30 Aug 2024
Threat Modeling Automation: Opportunities, Challenges, and the Role of AI

AI
Appsec
threat-modeling
Amir Kavousian
09 Jul 2024
Why Do Security Engineers Still Rely on Manual Reviews Despite an AppSec Toolkit with Dozens of Tools?

Appsec
AI
Amir Kavousian
21 May 2024
The New Frontiers of Application Security : How Understanding the Origins of AppSec Helps Predict Its Future.

Appsec
model
Amir Kavousian
02 Mar 2024
Application Security: Challenges and Opportunities in The AI Era.

Appsec
Petra Vukmirovic
14 Mar 2026
What You Feed the Model Is the Model

The practitioners who consistently produce good threat models are not the ones with the most sophisticated tooling. They are the ones who are obsessive about what goes in. Get that right, and the all the rest (the methodology, the AI assist, the output format ...) will fall into place.

AI
threat-modeling