Threat Modeling

Threat modelling has a structured approach that is far more cost-efficient and effective than applying security features in a haphazard manner without knowing precisely what threats each feature is supposed to address. With a random “shotgun” approach to security, it is not possible to know when the application is “secure enough”, or the areas where the application is still vulnerable.

Threat modelling consists of understanding the adversary’s view of the system, characterising security strengths, and determining and investigating threats. Used effectively, threat modelling can find security strengths and weaknesses, discover vulnerabilities, can help shape the application design and reduce risks inline with your company’s security objectives.

The main objectives of threat modelling are to:

: Understand the threat profile of a system

: Shape application design to meet your organisation’s security objectives

: Discover vulnerabilities and make trade-offs during key engineering decisions

: Reduce risks of security issues arising during development and operations

AppSecure Labs’ approach to threat modelling involves gathering information on application design and functionality through scheduled meetings with development teams and through design documentation.

An application threat model involves the following phases:

Identify security objectives

Clear objectives help focus the threat modelling activity and determine how much effort to spend on subsequent steps. This can be aligned with company security policy or to meet compliance and legal requirements.

Create an application overview

Itemising an application’s important characteristics and actors to help identify relevant threats. Using simple diagrams and tables to document the architecture of an application, including subsystems, trust boundaries and data flow.

Decompose your application

Decompose the application architecture, including underlying network and host infrastructure design, to create a security profile of the application. The aim of the security profile is to uncover the vulnerabilities in the design, implementation and deployment configurations.

Identify threats

Identify threats relevant to the application scenario and context. Keeping the goals of an attacker in mind, and with the knowledge of architecture and potential vulnerabilities, identify the threats that could affect the application.

Identify vulnerabilities

Review and rate vulnerabilities in order to address the most significant threats first. The riskrating process weighs the probability of a threat against damage that could result should an attack occur.

The output from the threat-modelling process is a document for various members of the project development team. It allows them to clearly understand the threats that need to be addressed and the effective security countermeasures to address them.

“Until you understand the threats,

You cannot protect your applications against attacks.”

Understand the threat profile of a system

Shape application design to meet your organisation’s security objectives

Discover vulnerabilities and make trade-offs during key engineering decisions

Reduce risks of security issues arising during development and operations

Approach

Identify security objectives

Create an application overview

Decompose your application

Identify threats

Identify vulnerabilities

Deliverables

Root account misconfigurations found in 20% of top 1,000 Docker containers https://t.co/KEZpHQQfXl

WordPress plugin sees second serious security bug in six weeks #wordpress #security https://t.co/6tkGyNhFcM

RT @OWASPLondon: University Students! #OWASP Foundation has been selected for Google Summer of Code (@gsoc) this year. Spend your summer ho…

RT @vanderaj: The @OWASP_ASVS is coming to a conclusion. If anyone has a LOT of energy and can work fast, I would love to have a short chap…

I had forgotten my password and ClickPress had been so helpful to provide my cleartext password in the email?… https://t.co/ZtgY7NEDpk

Looking forward to reading the new version of #OWASP Software Assurance Maturity Model #SAMM 2.0 Beta #AppSec https://t.co/z9nXaKC9pX

RT @NCSC: The NCSC is investigating a large-scale Domain Name System (DNS) hijacking campaign. Read our alert https://t.co/xrw6GRlKnD https…

Top 10 Application Security Vulnerabilities of 2018 #appsec https://t.co/d0YZtNEUVD

RT @Checkmarx: #ICYMI: good article in @NetworkWorld about the new @owasp list of top 10 #IoT #vulnerabilities. So what should we be most a…

RT @simps0n: AppSec Ezine - 257th Edition https://t.co/CGddTcYUGw #AppSec #Security

Connect with Us