Someone who could do harm to a system (also adversary).
An adversary’s goal.
A flaw in the system that could help a threat agent realize
Something of value to valid users and adversaries alike.
When a motivated and sufficiently skilled threat agent takes
advantage of a vulnerability.
Why Threat Modeling?
We must put
in our products
Want to attack
Identify threats and vulnerabilities.
Raise security awareness amongst developers.
Identify areas of the architecture that require
more research etc.
Identify relevant threats and vulnerabilities in the scenario to
help shape the application's security design.
Threat Modelling Steps
Step 1: Identify security objectives. Clear objectives help us
to focus the threat modeling activity and determine how much
effort to spend on subsequent steps.
Step 2: Create an application overview. Itemizing our
application's important characteristics helps us identify
Step 3: Decompose your application. A detailed
understanding of the mechanics of our application makes it
easier for us to uncover more detailed threats.
Threat Modelling Steps(Cont.)
Step 4: Identify threats. Use details from steps 2 and 3 to
identify threats relevant to the application scenario and
Step 5: Identify vulnerabilities. Review the layers of the
application to identify weaknesses related to the threats. Use
vulnerability categories to help focus on those areas where
mistakes are most often made.