Let's learn the basics of Threat Modeling!

Here's the Top 5 Threat Modeling methodologies, and how they work.

#threatmodeling

1. STRIDE

One of the most popular, STRIDE is an acronym for the types of threats it covers:
Spoofing identity
Tampering with data
Repudiation threats
Information disclosure
Denial of service
Elevation of privileges

This is a developer-centric methodology.
In STRIDE, you create a data flow diagram-based threat model of the target app. With user & abuser stories, create a list of potential threats.

Map each threat to one of the 6 STRIDE categories above, which classifies the attacker's goal, and record the relevant security controls for it.
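As an added worked example (not from the thread), here is the mapping step in Python: a small hand-built data flow diagram is walked and each element gets the STRIDE categories that apply to its kind, with data flows that cross a trust boundary flagged so they are reviewed first. The element names, trust zones and the sample DFD are constructed; the per-element applicability table is the standard STRIDE-per-element chart.

```python
from dataclasses import dataclass

# Added example, not from the thread: STRIDE-per-element enumeration over a
# small data flow diagram (DFD). Element names, zones and the sample DFD are
# constructed for illustration.
STRIDE = {"S": "Spoofing identity", "T": "Tampering with data",
          "R": "Repudiation", "I": "Information disclosure",
          "D": "Denial of service", "E": "Elevation of privilege"}
# Standard STRIDE-per-element chart: which categories apply to each DFD element kind.
APPLICABLE = {"external_entity": "SR", "process": "STRIDE",
              "data_store": "TRID", "data_flow": "TID"}

@dataclass
class Element:
    name: str
    kind: str          # one of the APPLICABLE keys
    zone: str = ""     # trust zone of a node, e.g. "internet", "dmz", "internal"
    source: str = ""   # data_flow only: name of the sending node
    dest: str = ""     # data_flow only: name of the receiving node

def enumerate_threats(elements):
    """Return one finding per (element, applicable STRIDE category).
    A data flow whose endpoints sit in different trust zones crosses a trust
    boundary; its findings are flagged so they are reviewed first."""
    by_name = {e.name: e for e in elements}
    findings = []
    for e in elements:
        crosses = (e.kind == "data_flow"
                   and by_name[e.source].zone != by_name[e.dest].zone)
        for letter in APPLICABLE[e.kind]:
            findings.append({"element": e.name, "threat": STRIDE[letter],
                             "crosses_boundary": crosses})
    return findings

# Constructed sample DFD: browser -> web app -> user database, plus a local cache.
SAMPLE_DFD = [
    Element("Browser", "external_entity", zone="internet"),
    Element("WebApp", "process", zone="dmz"),
    Element("UserDB", "data_store", zone="internal"),
    Element("Cache", "data_store", zone="dmz"),
    Element("HTTPS request", "data_flow", source="Browser", dest="WebApp"),
    Element("SQL query", "data_flow", source="WebApp", dest="UserDB"),
    Element("Cache lookup", "data_flow", source="WebApp", dest="Cache"),
]

if __name__ == "__main__":
    for f in enumerate_threats(SAMPLE_DFD):
        flag = "  [crosses trust boundary]" if f["crosses_boundary"] else ""
        print(f"{f['element']}: {f['threat']}{flag}")
```

Each finding is then a candidate for a user or abuser story and a control; the boundary flag is what pushes the browser-to-app and app-to-database flows to the top of the review list.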

2. PASTA

Sound tasty? It stands for 'Process of Attack Simulation and Threat Analysis'.

PASTA uses a risk-centric approach to find the probability of an attack. This lets you identify & prioritize threats. It also helps correlate business objectives with security requirements.
PASTA is done in 7 steps:

- Define the objectives (What is the purpose of the app?)
- Define the technical scope (What dependencies do you have?)
- Decompose the app (How do all your components communicate together?)
- Analyze the threats (What sort of threats do you face?)
- Vulnerability analysis (What is wrong with your app/design?)
- Attack analysis (How serious is each vulnerability?)
- Risk & impact analysis (How is your app/business affected by these flaws?)

The end goal of this process is to mitigate & manage security risks.

3. VAST

Visual, Agile, and Simple Threat (VAST) is an automated methodology that focuses on integrating threat modeling into the DevOps infrastructure.

It ensures scalability while also giving reliable, actionable results for developers, security teams, and senior executives.
VAST calls for 2 types of threat models:

The application threat model is created with process flow diagrams that map various features of an app.

The operational threat model is meant for infrastructure teams, featuring a data flow diagram from the attacker's perspective.

4. OCTAVE

The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology is used to assess organization-wide risks from breached data assets.

It's used by operations & IT teams to create documentation & raise risk-awareness within the organization.
OCTAVE threat modeling has 3 phases:

Phase 1: Build an asset-based threat profile. Analyze the assets in your org by sending questionnaires out to staff. Then build a list of security requirements using the information gathered.
Phase 2: Identify infrastructure vulnerabilities. Map high-priority data assets to information infrastructure & perform a vulnerability evaluation.

Phase 3: Develop a security strategy. Prioritize the risks you find & create a strategy to mitigate them across your organization.

5. Trike

The only one that's not an acronym, Trike is an open source threat modeling process for cyber-risk management.

It uses a 'requirements model' to determine what risk level is acceptable for each asset according to organization stakeholders.
The process begins with a data flow diagram to illustrate data flow & actions a user can perform in a system state.

Analyze these to form a Trike threat model. As the threats are identified, you assign risk values & mitigating controls for each threat.

Want to go deeper into Threat Modeling? Start with these 2 courses on AppSecEngineer:

Threat Modeling Essentials
Agile Threat Modeling

Learn with real-world exercises & understand how your app works from the inside out:
appsecengineer.com/product/threat…
If you enjoyed this thread, follow @AppSecEngineer and retweet us!

More like this every day.
