What is threat modeling?


Threat modeling can be defined as a process for improving application, system, or workflow security by identifying goals and weaknesses, followed by the definition of defenses to stop or lessen the consequences of system threats.

A wide range of objects, comprising software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and workflows, can be subject to threat modeling.

You must be thinking, if you already have implemented security policies in your organization,  then what’s the need for threat modeling?

Threat modeling is a proactive approach, that helps to unveil the threats that aren’t usually thought of, or discovered during code reviews, or any other kind of audit services. It helps the security team to evaluate the best security controls that can be implemented to build a good defense. This method produces much more secure programs, and by giving priority to potential dangers, resources are efficiently utilized.

Threat modeling process

According to OWASP threat modeling could be implemented by following the below-mentioned steps:

1. Scope analysis: Know what you are working on! this might take the form of a sprint or an entire system, depending on its size.

2. Determine what may go wrong: This could be done in a variety of ways, from a basic brainstorm to more formal methods like STRIDE, Kill Chains, or Attack Trees.

3. Determine risk management strategies: Decide how you will respond to each danger. This might involve applying a mitigation strategy or the accept/transfer/eliminate risk management framework.

4. Examine your work: Was it up to par for the system in use?

For a more detailed and professional threat modeling approach, refer to this documentation by OWASP.

Contact us to find out how SecuriGeek’s cloud service offerings can help your team to continually monitor and address infrastructure security threats, and understand the current maturity level of your cloud environment.