SlideShare a Scribd company logo

STRIDE: Digging Vulnerability by Threat Modelling

M
Mohammad Febri

The slide provides an overview of the STRIDE threat modeling approach, which was introduced by Microsoft in 1999 for identifying threats to their products. It mentions the different types of threats covered by STRIDE, including Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege The slide emphasizes the need to consider trust boundaries and includes a diagram illustrating various external entities, processes, data stores, and data flows.

Technology
1 of 21
Download to read offline
STRIDE: Digging Vulnerability by Threat Modelling Mohammad Febri Ramadlan Sr. Security Engineer (Offensive) Friday, 9 Nov 2018
Agenda: 1. Security Development Lifecycle (SDL) 2. Threat Modelling Overview 3. STRIDE 4. STRIDE Implementation 5. Q & A
1. What is Security Development Lifecycle (SDL) ?
“A software development process that helps developers build more secure software and address security compliance requirements while reducing development cost”. - Microsoft
Microsof SDL Requirements Requirements Requirements
Agile SDL Requirements Requirements Requirements
2. Threat Modelling Overview
❏ Threat modeling is the use of abstractions to aid in thinking about risks [1]. ❏ Threat Model Samples 1. Trike 2. P.A.S.T.A 3. STRIDE 4. VAST 5. OCTAVE [1] Shostack A, Threat Modeling: Designing for Security, John Wiley & Sons, Inc., 2014, Indianapolis, Indiana
3. STRIDE
STRIDE Overview Property Threat Definition Example Authentication Spoofing Impersonating something or someone else. Pretending to be quiz organizer that want to steal the credentials Integrity Tampering Modifying data or code Modifying a email and phone number Non-repudiation Repudiation Claiming to have not performed an action. “I didn’t reschedule my ticket,” “I didn’t refund that ticket” Confidentiality Information Disclosure Exposing information to someone not authorized to see it Allowing someone to read the other user information. Availability Denial of Service Deny or degrade service to users Brute force login attempts Authorization Elevation of Privilege Gain capabilities without proper authorization Allowing a remote internet user to run commands in Traveloka Apps or desktop application
Process - Use STRIDE - Determine the property b. Identify Threat - Use DFD - Include Data Stores, Processes, Data Flows. Trust Boundaries a. Diagram - Validate Diagram - Validate threat model - Validate mitigation d. Validate - Address each threat - Apply standard mitigation c. Mitigate ❏ The STRIDE threat modeling was introduced in 1999 at Microsoft, for developers to find 'threats to our products'.
4. STRIDE Simulation
a. Diagram External Entity Proces s Data Store Trust Boundaries - People - Other system - Component - Services - Web Services - Function Call - Remote Call Procedure (RPC) - Network Traffic - Database - File - Registry - Queue / Stack - Process Boundary - File System Data Flow
Level 1 Diagram User Module ❏ Diagram Layer Very high-level; entire component/ product / system ❏ Level 1 Diagram High level; single feature / scenario ❏ Level 2 Diagram Low level; detailed sub-components of features ❏ Level 3 Diagram More detailed; need more layers in huge projects
b. Identify Threat Element S T R I D E Name ✓ ✓ 1. user ✓ ✓ ✓ ✓ ✓ 2. login 3. myBooking Data Store ✓ ✓ ✓ ✓ 4. User DB 5. Booking DB Data Flow ✓ ✓ ✓ 6. readQueryLogin 7. provideAuth 8. login . . 13. queryBooking External Entity Proces s
c. Mitigate Element S T R I D E Name Mitigation ✓ ✓ 1. user - Strong authentication, 2FA - Secure logging and auditing ✓ ✓ ✓ ✓ ✓ 2. login 3. editProfile - Strong authentication, 2FA - Secure logging and auditing - Token, encryption - Packet filtering - Input validation and privileges control Data Store ✓ ✓ ✓ ✓ 4. User DB 5. Booking DB - Authentication - Token, encryption - Packet filtering - Input validation and privileges control Data Flow ✓ ✓ ✓ 6. readQueryLogin 7. provideAuth 8. login . . 13. queryBooking - Authentication - Token, encryption - Packet filtering - Input validation and privileges control External Entity Proces s
Standard Mitigation Threat Property Mitigation Spoofing Authentication - Cookie authentication - PKI systems such as SSL/TLS and certificates - Digital signatures Tampering Integrity - ACLs - Digital Signatures Repudiation Non-repudiation - Secure login and monitoring - Digital Signatures Information Disclosure Confidentiality - Encryption - Token Denial of Service Availability - ACLs - Filtering Elevation of Privilege Authorization - ACLs - Group or role membership - Privilege ownership - Input validation
❏ Validate Quality of Threats and Mitigations ❏ Describe the attack, context, impact ❏ Mitigations: Associate with the threat, describe the mitigations 4. Validate ❏ Validate the whole threat model: ❏ Does diagram match final code? ❏ Is each threat mitigated? ❏ Are mitigations done right ❏ Check before Final Security Review
Question ???
1. SDL helps developers to build more secure software and address security compliance requirements while reducing development cost 2. Threat modeling is the use of abstractions to aid in thinking about risks. 3. STRIDE: Spoofing, Tampering, Repudiation, Information Disclosure, Elevation of Privileges 4. The Process start from: Diagram, Threat Model, Mitigate, Validation Summary
Information Security Awareness By: Information Security Team Traveloka Thank you

Recommended

Null bachav
Null bachavNull bachav
Null bachavNaga Venkata Sunil Alamuri
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutDevSecCon
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scaleOWASP
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principlesOWASP
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modelingPrabath Siriwardena
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat ModelingPriyanka Aash
 
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...Chris Gates
 

Recommended

Null bachav
Null bachavNull bachav
Null bachavNaga Venkata Sunil Alamuri
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutDevSecCon
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scaleOWASP
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principlesOWASP
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modelingPrabath Siriwardena
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat ModelingPriyanka Aash
 
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...
Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...Chris Gates
 
7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modellingn|u - The Open Security Community
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat ModelingDanny Wong
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security EngineeringMarco Morana
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersGustavo Nieves Arreaza
 
Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...karthikvcyber
 
Security best practices
Security best practicesSecurity best practices
Security best practicesAVEVA
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upDileep Kalidindi
 
OWASP_Training.pptx
OWASP_Training.pptxOWASP_Training.pptx
OWASP_Training.pptxPradip Bhattarai
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldShannon Lietz
 
Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011Atlantic Security Conference
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecurityMediacurrent
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat ModelingNarudom Roongsiriwong, CISSP
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesClint Edmonson
 
Null meet Code Review
Null meet Code ReviewNull meet Code Review
Null meet Code ReviewNaga Venkata Sunil Alamuri
 
Security Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingSecurity Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingKnoldus Inc.
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
RumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAFRumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAFMohammad Febri
 
Automated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdfAutomated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdfMohammad Febri
 

More Related Content

Similar to STRIDE: Digging Vulnerability by Threat Modelling

7.Trust Management
7.Trust Management7.Trust Management
7.Trust Managementphanleson
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat ModelingDanny Wong
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security EngineeringMarco Morana
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersGustavo Nieves Arreaza
 
Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...karthikvcyber
 
Security best practices
Security best practicesSecurity best practices
Security best practicesAVEVA
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upDileep Kalidindi
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldShannon Lietz
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecurityMediacurrent
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesClint Edmonson
 
Security Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingSecurity Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingKnoldus Inc.
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 

Similar to STRIDE: Digging Vulnerability by Threat Modelling (20)

7.Trust Management
7.Trust Management7.Trust Management
7.Trust Management
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat Modeling
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security Engineering
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testers
 
Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...Security Incident machnism Security Incident machnismSecurity Incident machni...
Security Incident machnism Security Incident machnismSecurity Incident machni...
 
Security best practices
Security best practicesSecurity best practices
Security best practices
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-up
 
OWASP_Training.pptx
OWASP_Training.pptxOWASP_Training.pptx
OWASP_Training.pptx
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps World
 
Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal Security
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal Security
 
Application Security
Application SecurityApplication Security
Application Security
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat Modeling
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 
Null meet Code Review
Null meet Code ReviewNull meet Code Review
Null meet Code Review
 
Security Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingSecurity Fundamentals and Threat Modelling
Security Fundamentals and Threat Modelling
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 

More from Mohammad Febri

RumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAFRumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAFMohammad Febri
 
Automated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdfAutomated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdfMohammad Febri
 
Cybersecurity and Risk Management Technology
Cybersecurity and Risk Management TechnologyCybersecurity and Risk Management Technology
Cybersecurity and Risk Management TechnologyMohammad Febri
 
OWASP Risk Rating Management
OWASP Risk Rating ManagementOWASP Risk Rating Management
OWASP Risk Rating ManagementMohammad Febri
 
Cloud Security: Securing The Invisible Thing
Cloud Security: Securing The Invisible ThingCloud Security: Securing The Invisible Thing
Cloud Security: Securing The Invisible ThingMohammad Febri
 
Hacktoberfest Mozilla Indonesia 2020
Hacktoberfest Mozilla Indonesia 2020Hacktoberfest Mozilla Indonesia 2020
Hacktoberfest Mozilla Indonesia 2020Mohammad Febri
 
Leadership Skills - Communication in Organization
Leadership Skills - Communication in OrganizationLeadership Skills - Communication in Organization
Leadership Skills - Communication in OrganizationMohammad Febri
 
CDEF - Security Incident Handling and Response
CDEF - Security Incident Handling and ResponseCDEF - Security Incident Handling and Response
CDEF - Security Incident Handling and ResponseMohammad Febri
 
Vooya Passion Playground 2021 - Journey in Cybersecurity
Vooya Passion Playground 2021 - Journey in CybersecurityVooya Passion Playground 2021 - Journey in Cybersecurity
Vooya Passion Playground 2021 - Journey in CybersecurityMohammad Febri
 
Security Architecture: 3 Lines of Defense
Security Architecture: 3 Lines of DefenseSecurity Architecture: 3 Lines of Defense
Security Architecture: 3 Lines of DefenseMohammad Febri
 

More from Mohammad Febri (10)

RumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAFRumahSehat Enterprise Architecture using TOGAF
RumahSehat Enterprise Architecture using TOGAF
 
Automated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdfAutomated IOC Detection and Response through Seamless Orchestration.pdf
Automated IOC Detection and Response through Seamless Orchestration.pdf
 
Cybersecurity and Risk Management Technology
Cybersecurity and Risk Management TechnologyCybersecurity and Risk Management Technology
Cybersecurity and Risk Management Technology
 
OWASP Risk Rating Management
OWASP Risk Rating ManagementOWASP Risk Rating Management
OWASP Risk Rating Management
 
Cloud Security: Securing The Invisible Thing
Cloud Security: Securing The Invisible ThingCloud Security: Securing The Invisible Thing
Cloud Security: Securing The Invisible Thing
 
Hacktoberfest Mozilla Indonesia 2020
Hacktoberfest Mozilla Indonesia 2020Hacktoberfest Mozilla Indonesia 2020
Hacktoberfest Mozilla Indonesia 2020
 
Leadership Skills - Communication in Organization
Leadership Skills - Communication in OrganizationLeadership Skills - Communication in Organization
Leadership Skills - Communication in Organization
 
CDEF - Security Incident Handling and Response
CDEF - Security Incident Handling and ResponseCDEF - Security Incident Handling and Response
CDEF - Security Incident Handling and Response
 
Vooya Passion Playground 2021 - Journey in Cybersecurity
Vooya Passion Playground 2021 - Journey in CybersecurityVooya Passion Playground 2021 - Journey in Cybersecurity
Vooya Passion Playground 2021 - Journey in Cybersecurity
 
Security Architecture: 3 Lines of Defense
Security Architecture: 3 Lines of DefenseSecurity Architecture: 3 Lines of Defense
Security Architecture: 3 Lines of Defense
 

Recently uploaded

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

STRIDE: Digging Vulnerability by Threat Modelling

  • 1. STRIDE: Digging Vulnerability by Threat Modelling Mohammad Febri Ramadlan Sr. Security Engineer (Offensive) Friday, 9 Nov 2018
  • 2. Agenda: 1. Security Development Lifecycle (SDL) 2. Threat Modelling Overview 3. STRIDE 4. STRIDE Implementation 5. Q & A
  • 3. 1. What is Security Development Lifecycle (SDL) ?
  • 4. “A software development process that helps developers build more secure software and address security compliance requirements while reducing development cost”. - Microsoft
  • 8. ❏ Threat modeling is the use of abstractions to aid in thinking about risks [1]. ❏ Threat Model Samples 1. Trike 2. P.A.S.T.A 3. STRIDE 4. VAST 5. OCTAVE [1] Shostack A, Threat Modeling: Designing for Security, John Wiley & Sons, Inc., 2014, Indianapolis, Indiana
  • 10. STRIDE Overview Property Threat Definition Example Authentication Spoofing Impersonating something or someone else. Pretending to be quiz organizer that want to steal the credentials Integrity Tampering Modifying data or code Modifying a email and phone number Non-repudiation Repudiation Claiming to have not performed an action. “I didn’t reschedule my ticket,” “I didn’t refund that ticket” Confidentiality Information Disclosure Exposing information to someone not authorized to see it Allowing someone to read the other user information. Availability Denial of Service Deny or degrade service to users Brute force login attempts Authorization Elevation of Privilege Gain capabilities without proper authorization Allowing a remote internet user to run commands in Traveloka Apps or desktop application
  • 11. Process - Use STRIDE - Determine the property b. Identify Threat - Use DFD - Include Data Stores, Processes, Data Flows. Trust Boundaries a. Diagram - Validate Diagram - Validate threat model - Validate mitigation d. Validate - Address each threat - Apply standard mitigation c. Mitigate ❏ The STRIDE threat modeling was introduced in 1999 at Microsoft, for developers to find 'threats to our products'.
  • 13. a. Diagram External Entity Proces s Data Store Trust Boundaries - People - Other system - Component - Services - Web Services - Function Call - Remote Call Procedure (RPC) - Network Traffic - Database - File - Registry - Queue / Stack - Process Boundary - File System Data Flow
  • 14. Level 1 Diagram User Module ❏ Diagram Layer Very high-level; entire component/ product / system ❏ Level 1 Diagram High level; single feature / scenario ❏ Level 2 Diagram Low level; detailed sub-components of features ❏ Level 3 Diagram More detailed; need more layers in huge projects
  • 15. b. Identify Threat Element S T R I D E Name ✓ ✓ 1. user ✓ ✓ ✓ ✓ ✓ 2. login 3. myBooking Data Store ✓ ✓ ✓ ✓ 4. User DB 5. Booking DB Data Flow ✓ ✓ ✓ 6. readQueryLogin 7. provideAuth 8. login . . 13. queryBooking External Entity Proces s
  • 16. c. Mitigate Element S T R I D E Name Mitigation ✓ ✓ 1. user - Strong authentication, 2FA - Secure logging and auditing ✓ ✓ ✓ ✓ ✓ 2. login 3. editProfile - Strong authentication, 2FA - Secure logging and auditing - Token, encryption - Packet filtering - Input validation and privileges control Data Store ✓ ✓ ✓ ✓ 4. User DB 5. Booking DB - Authentication - Token, encryption - Packet filtering - Input validation and privileges control Data Flow ✓ ✓ ✓ 6. readQueryLogin 7. provideAuth 8. login . . 13. queryBooking - Authentication - Token, encryption - Packet filtering - Input validation and privileges control External Entity Proces s
  • 17. Standard Mitigation Threat Property Mitigation Spoofing Authentication - Cookie authentication - PKI systems such as SSL/TLS and certificates - Digital signatures Tampering Integrity - ACLs - Digital Signatures Repudiation Non-repudiation - Secure login and monitoring - Digital Signatures Information Disclosure Confidentiality - Encryption - Token Denial of Service Availability - ACLs - Filtering Elevation of Privilege Authorization - ACLs - Group or role membership - Privilege ownership - Input validation
  • 18. ❏ Validate Quality of Threats and Mitigations ❏ Describe the attack, context, impact ❏ Mitigations: Associate with the threat, describe the mitigations 4. Validate ❏ Validate the whole threat model: ❏ Does diagram match final code? ❏ Is each threat mitigated? ❏ Are mitigations done right ❏ Check before Final Security Review
  • 20. 1. SDL helps developers to build more secure software and address security compliance requirements while reducing development cost 2. Threat modeling is the use of abstractions to aid in thinking about risks. 3. STRIDE: Spoofing, Tampering, Repudiation, Information Disclosure, Elevation of Privileges 4. The Process start from: Diagram, Threat Model, Mitigate, Validation Summary
  • 21. Information Security Awareness By: Information Security Team Traveloka Thank you