The Blog

The motto of Threat Modeling should be: “The earlier it is found, the better, but never to be checked too late and never to be ignored.” In today’s business scenario, you cannot lose to overlook security because without threat modelling, your security is at risk!

What Is Threat Modeling?

In simple terms, threat modeling is the procedure detecting prospective threats in the initial stages of the development life cycle for identifying gaps and security mitigations that would assure that a secure application is being developed properly, thus saving time and revenue. Such protection also safeguards the property or confidential documentation, while accordingly making those threats your priority.

While designing an application, you will meet various security issues throughout the distinct phases of software development life cycle [SDLC] and thus having threat modeling from the start can assist to protect those applications with built-in security.

Why to go for Threat Modeling?

  • Usual Fear Factor of company shutting down suddenly.
  • Walls have never stopped a determined adversary.
  • Tools, best practices, checklists, policies, penetration tests.

How Threat Modeling helps?

  • To find out security flaws when issues arise.
  • To build a secure application.
  • To save revenue, time, and reputation of your organization.
  • To bridge the gap between security and developers.
  • To deliver a document of the identified threats.
  • Presents awareness and knowledge of the risks and vulnerabilities.

Is the Current approach enough?

  • Exposure
  • Sensitivity
  • Regulations
  • Costs

Why is Threat Modeling important?

Threat modelling is significant for developing a DevSecOps culture in the business. This is also important for the security teams to protect their apps in a better way which can be gained through the ability of constant threat modelling of the apps. Threat modeling joins the operations/infrastructure team, security architects and lead developers, who contribute together to the threat model! The threat model is also a culture of collaboration and communication, while assisting teams to develop an insight of each other’s objectives, roles, and tough points. This will also put effect on the software development culture.

In the words of Simon Curzi, Threat Modeling is a process to understand security threats to a system, determine risks from those threats and established appropriate mitigation.

  • Understand the Solution.
  • Identify Risks, attack scenarios. OWASP Top10 vulnerabilities.
  • Evaluate the security.
  • Identify Mitigations
  • – Adopt a privileged Access Management Solutions.
  • – Define Roadmap.
  • – Prevent > Detect > Respond > Recover
  • A Tool for Risk Management
  • – Common Problems
  • > Rare Skills
  • > Not particularly relevant Threats and Mitigation

Benefits of Threat Modeling

  • Upgraded application security posture is accomplished when threat impact on an application has been recognized and fixed via security controls and modifications.
  • Threats and vulnerabilities are lessened, reducing the remediation costs and defects.
  • Ability to settle vulnerabilities before they even arise which lowers testing and development phase, thus saving costs.

> You can be a great Threat Modeler.

  • Knowledge about potential attack paths
  • Holistic approach
  • Sceptical, never assuring mindset

> What we seek from Threat Modeling?

  • Guidance, Adaptability
  • Customization
  • Extendibility
  • Integration

The vision is to Understand the Risk.

  • How Threat Modeling can improve security for your DevOps practice.
  • – Start security early at lowers cost
  • – Catches design issues
  • – Helps to evaluate new risk factors early

How to execute Threat Modeling

People have an idea that only the security engineers can perform threat modelling. But it is not right. Even the developers and software project managers can execute them.

Elements of threat modelling: Assets, Threats, Vulnerabilities.

  • You need a comprehensive approach
  • > Formal training
  • > Training on the job
  • > Tactical Threat Modeling
  • > Process Customization
  • > Partnership

{Create Awareness, Experience & Reference, Reviewing & giving Ongoing Support}

Steps to Threat Modeling to follow:

1# Identify Assets: file servers, Active Directory, database server, authenticated and anonymous web user, configuration screens, database users, etc.

2# Describing Architecture: software framework, cloud data stores, web application connection, third-party services.

3# Decomposing Application: breaking the application involving sub-processes which run the application.

4# Identifying Threats: listing them in a detailed manner for reviewing the process further.

5# Document Threats: with help of parallel occurrences which can identify threats in the application in a well-defined manner.

6# Rating Threats: checking the threat severity.

When to apply Threat Modeling

Threat modelling should be applied at all phases of SDLC:

  • When a change occurs every time in the architecture of a system.
  • When new vulnerabilities are initiated or after a security incident has taken place.
  • Immediately after the design is ready.
  • And to continue even after deployed in production.

Free Tools to carry out Threat Modeling

  • OWASP Threat Dragon
  • Microsoft Threat Modelling Tool 2016

Challenges of Threat Modeling

  • White hackers or ethical hackers are needed to hack in and detect threats and vulnerabilities crafted by unethical hackers.
  • Certain tools assist in envisioning and documenting the process.
  • Automation here is the new challenge, as new threats are found.

How does Threat Modeling match into those CI/CD pipelines?

It is said that threat modelling is not actually a component of the automated pipeline procedure. This is a step which occurs before CI/CD appears together. It starts towards the beginning, in the plan stage and design process, which is exactly the part of reliable expansion practices.

When you have a DAST tool adept of automated testing, with these tests in step-wise, your CI/CD pipeline will automatically run the tests and pass through successfully.

DevSecOps Culture

Threat modeling contributes to enhanced value via constant and recurred performance. It crafts assured design patterns when they start to rise in various ways which can be verified and leveraged by the application development teams. This supports to the formation of a practical DevSecOps culture.

The design styles operate as the core for standardized, repeated application security needs for the enterprise. For example, data available in transit should be encoded through HTTPs, and all those internal apps resistant for single sign-on [SSO] validation. Standardized design styles and requirements expanded from threat modelling can run for long in lessening the hazards to the company, thus eradicating the variation and intricacies in the security designs which lead mostly to infringements.

“Modern Threat Modeling is possible”

You can also visit our Webinar page on Importance of Threat Modeling to watch the Free Video by Simone Curzi!

Leave a Comment