How do you model threats
to a complex information
system?
С использованием искусственного интеллекта и потенциала сообщества LinkedIn
Complex information systems are often exposed to various threats
that can compromise their confidentiality, integrity, or availability. To
protect these systems, you need to identify and analyze the potential
sources, methods, and impacts of these threats. This is called threat
modeling, and it is a crucial step in the risk assessment and
management process. In this article, you will learn how to model
threats to a complex information system using a systematic and
structured approach.
Делитесь важной информацией совместно с
другими приглашенными экспертами
Прокрутите, чтобы добавить свое мнение в любой раздел статьи
Получите эмблему топ-эксперта сообщества
Вносите свой вклад в коллективные статьи, чтобы получить в профиле признание
за ваше профессиональное мнение. Подробнее
Начать вносить свой вклад
Узнайте, что публикуют другие
What is threat modeling?
Threat modeling is the process of creating a representation of the
system, its components, its interactions, and its environment, and then
identifying and evaluating the threats that can affect it. Threat
modeling helps you to understand the system's vulnerabilities,
prioritize the risks, and design appropriate countermeasures. Threat
modeling can be done at different stages of the system development
life cycle, from the initial design to the maintenance and operation.
Выскажите свое мнение

Ashwini Siddhi
Threat Modeling Service Owner for Dell Technologies | Women in Cyber
Security Advocate | Security Advisory Board
Threat Modeling can be done at any stage of the system
development but to maximize the benefits of the exercise it is
best done at the design phase.
Нравится
3
How to perform threat modeling?
Threat modeling involves different methods and frameworks, but
generally follows a similar workflow. To begin, you need to define the
scope and objectives of the exercise, such as the assets, boundaries,
and assumptions of the system. Additionally, you should create a
diagram or model of the system architecture and data flows. After
that, identify the threat sources and scenarios, such as potential
adversaries and their capabilities. Then, analyze the threat impacts and
likelihoods to determine how severe and probable they are. Finally,
prioritize and mitigate the threats by implementing best practices and
controls. This will help you monitor and update the threat model as
the system evolves.
Выскажите свое мнение
What are some tools and techniques for
threat modeling?
Threat modeling can be done manually or with the help of tools and
techniques to provide guidance and structure. Common tools include
STRIDE, a mnemonic that stands for Spoofing, Tampering,
Repudiation, Information disclosure, Denial of service, and Elevation of
privilege; DREAD, a mnemonic that stands for Damage,
Reproducibility, Exploitability, Affected users, and Discoverability;
Attack trees, a graphical representation of possible paths and
conditions an attacker can follow; and Microsoft Threat Modeling Tool,
a software application that helps to create data flow diagrams, apply
the STRIDE method, generate threat reports, and validate the threat
model.
Выскажите свое мнение

Ashwini Siddhi
Threat Modeling Service Owner for Dell Technologies | Women in Cyber
Security Advocate | Security Advisory Board
I share @Matt Coles' perspective on STRIDE as a methodology.
I've observed that some people use STRIDE to refer to the
Microsoft Threat Modeling Tool, which is based on the STRIDE
approach itself. In my experience, developers sometimes struggle
with the STRIDE terms. So, I opt for a simpler rule: assessing
potential security, privacy, and safety issues in the design, while
also considering the preservation of system and data
confidentiality, integrity, and availability. In the past, DREAD was
commonly used alongside STRIDE to determine the severity of
identified threats - the reason it is thought of as a framework for
TM. However, I've noticed a shift towards the adoption of CVSS
calculator, leading to DREAD being gradually replaced.
…См. еще
Нравится
5

Matthew Coles
To clarify, STRIDE is one approach or methodology for
performing threat modeling rather than being a tool itself; there
are a number of tools that implement the STRIDE methodology
for threat analysis. DREAD is a method for assessing the severity
of threats identified by STRIDE, although it has been declared
"dead" by some; OWASP Risk Rating Methodology, CVSS, and
CWSS are other methods for severity determination of threats. In
addition to tools like the Microsoft Threat Modeling Tool or
OWASP Threat Dragon in which users can draw diagrams and
identify threats, there exists a class of tools for creating models
and performing analysis by writing code to describe a system;
OWASP pytm is an example of this class of tool.
…См. еще
Нравится
3
What are the benefits and challenges of
threat modeling?
Threat modeling can provide several benefits for the security of
complex information systems, such as improving security awareness
and culture, enhancing security design and architecture, reducing
costs and efforts of security testing, and supporting compliance and
governance. However, it can also pose some challenges. It requires a
significant amount of time, resources, and expertise to perform
effectively and comprehensively. Additionally, its accuracy and
completeness depend on the system information and assumptions
used to create the threat model. Moreover, it needs to be updated
and maintained regularly to reflect the changes of the system and the
threat landscape.
Выскажите свое мнение

Ashwini Siddhi
Threat Modeling Service Owner for Dell Technologies | Women in Cyber
Security Advocate | Security Advisory Board
One of the major benefits of Threat Modeling is that when it is
done right like in mature organizations, it can drive the entire
Secure Development Lifecycle and not just be limited as a secure
design verification activity.
Нравится
4
How to learn more about threat
modeling?
Threat modeling is a valuable skill for information security
professionals and enthusiasts who want to protect complex
information systems from cyberattacks. To learn more about threat
modeling, you can explore the OWASP Threat Modeling Cheat Sheet –
a concise and practical guide that covers the basics and best practices.
There is also the Threat Modeling Manifesto – a collaborative
document that defines the principles and values of threat modeling.
Finally, there is the Threat Modeling Book – a comprehensive and indepth book that teaches you how to apply threat modeling to
different types of systems and scenarios.