What is Threat Modelling?
A threat modelling process can help you understand your organization's security posture. It typically encompasses asset identification, threat intelligence, risk assessment, attack mapping and mitigation capabilities. Over the years, many threat models have been developed for threat identification, impact assessment,
Examples of Threat Model frameworks:
STRIDE
DREAD
PASTA
NIST 800-54??
OCTAVE
LINDDUN??
Threat Mitigation:
Here are some mitigation suggestions for threat modeling:
Mitigate: Take action to reduce the likelihood of a threat. For example, you can add checks or controls that reduce the risk impact.
Eliminate: Remove the feature or component that is causing the threat.
Transfer: Shift responsibility to another entity such as the customer.
Accept: Decide that the business impact is acceptable.
Part 1 - Application Description - Capture the application description in as much detail as possible, with a key focus on the following factors:
Rationale
Main Applicability/Functionality
Proprietary/Open Source
Why it is developed?
How will it be used?
Who will be using it?
What Purpose it will serve or outcome of it?
Part 2 - User Interactive Questions - Simple drop-downs and interactive queries that capture the inputs the tool needs to generate a model tailored to the user's specific requirements:
Simple Baseline information
High Level Risk Profile
Business Impact inputs
Part 3 - Generate a comprehensive result -
Threat model output provides more relevant hypothetical scenarios and a testing framework to improve the cyber security of, and trust in, the defined business application.
Attack tree output provides a graphical diagram that outlines the logic of an attack. It shows how a malicious user might exploit the IT asset/system, traced from the perspective of a successful attack, and helps you gauge the risk impact and probability from the probable logical flow of the attack.
Mitigation suggestions provide the options to help address the risks identified as an outcome of the threat model evaluation. The mitigation suggestions can further be implemented to mitigate, eliminate, transfer or accept the risk.
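The attack tree and risk-treatment outputs described above, as an added example that is not part of the original post or its tool: a small Python attack tree with AND/OR gates that propagates leaf likelihoods to the root and maps the resulting probability x impact score onto the four treatment options (mitigate, eliminate, transfer, accept). The tree, leaf probabilities, impact scale and thresholds are constructed assumptions an analyst would replace with Part 2 inputs.

```python
from dataclasses import dataclass, field
from typing import List

@dataclass
class Node:
    """One step in an attack tree. Gate is LEAF, OR (any child suffices) or AND (all needed)."""
    name: str
    gate: str = "LEAF"
    probability: float = 0.0            # leaf likelihood in 0..1 (assumed analyst input)
    children: List["Node"] = field(default_factory=list)

def success_probability(node: Node) -> float:
    """Propagate leaf likelihoods up to the root, treating sub-attacks as independent."""
    if node.gate == "LEAF":
        return node.probability
    child_p = [success_probability(c) for c in node.children]
    if node.gate == "AND":               # every sub-attack must succeed
        p = 1.0
        for c in child_p:
            p *= c
        return p
    if node.gate == "OR":                # attacker needs only one path to succeed
        p_none = 1.0
        for c in child_p:
            p_none *= (1.0 - c)
        return 1.0 - p_none
    raise ValueError(f"unknown gate {node.gate}")

def recommend_treatment(probability: float, impact: int) -> str:
    """Illustrative policy (assumed): impact on a 1-5 scale, thresholds chosen for the example."""
    score = probability * impact
    if score >= 2.5:
        return "Eliminate"               # unacceptable: remove the feature or component
    if score >= 1.0:
        return "Mitigate"                # add controls that reduce likelihood
    if score >= 0.3:
        return "Transfer"                # shift responsibility to another entity
    return "Accept"                      # business impact is acceptable

# Constructed tree for a hypothetical web application (example data only).
ROOT = Node("Read customer records", "OR", children=[
    Node("Exploit login", "AND", children=[
        Node("Guess weak password", probability=0.3),
        Node("No MFA enforced", probability=0.8),
    ]),
    Node("Exposed backup bucket", probability=0.1),
])

def assess(root: Node = ROOT, impact: int = 4) -> dict:
    """Root probability, risk score and suggested treatment for the tree."""
    p = success_probability(root)
    return {"probability": round(p, 3), "score": round(p * impact, 3),
            "treatment": recommend_treatment(p, impact)}

if __name__ == "__main__":
    print(assess())   # {'probability': 0.316, 'score': 1.264, 'treatment': 'Mitigate'}
```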