Are you thinking about starting to do threat modeling? Are you having trouble identifying potential misuse scenarios? Download our deck of Cyber Bogie cards today and gamify your threat workshops!

Nixuans do hundreds of web application and mobile application security assessments each year. For these assessments, bug bounties, and security testing training we give, Burp Suite Professional is typically the tool of choice. Burp is extendable with plugins that can automate part of the testing, identify more vulnerabilities, or make generating testing payloads easier. For all you white hat hackers out there, we wanted to give some tips on how we use Burp: here's our top 10 list of best Burp Suite plugins.

Cloud provides flexibility, cost savings, and often also better technical security than on-premise solutions. However, if you are used to the on-premise world, the cloud environment may bring new risks that you haven’t encountered before. “Sometimes people don’t understand the technical and legal threat model of the cloud,” says Mattias Almeflo, a Principal Security Consultant in Nixu.