Risk assessment articles

9/23/2025 • EN

To vibe or not to vibe

A Thoughtworks engineer explores the nuanced risk assessment required when using AI to generate code, moving beyond a simple 'good or bad' debate.

ai code review ai-assisted coding generative ai risk assessment software development

Martin Fowler

9/9/2025 • EN

Secure Your MCP Servers with Environment Variable Risk Assessment

The ls-mcp tool update adds a security feature to detect and assess the risk of credentials stored in environment variables within MCP server configurations.

Credential Detection environment variables Mcp Servers risk assessment security

Liran Tal

7/15/2022 • EN

Third-party libraries are no party at all

A senior engineer at Lyft outlines the risks of using third-party libraries in production apps and proposes a framework for consistent risk assessment.

code review Production Apps risk assessment software development Third Party Libraries

Scott Berrevoets

8/27/2020 • EN

Threat modelling case study: bicycles

A threat modeling case study using bicycle theft to illustrate security principles applicable to IT systems.

Case Study Physical Security risk assessment security Threat Modeling

Cal Paterson

4/15/2019 • EN

Questions I'd Ask My Cloud Provider

A developer's critical questions for evaluating cloud providers, focusing on problem-solving, security implementation, and customer-driven development.

Cloud Provider Cloud Security risk assessment Service License Agreement Threat Model

Jessie Frazelle

Risk assessment Articles

To vibe or not to vibe

Secure Your MCP Servers with Environment Variable Risk Assessment

Third-party libraries are no party at all

Threat modelling case study: bicycles

Questions I'd Ask My Cloud Provider

Select Language