Wednesday, June 25, 2008
Threat Modeling Article
I co-authored with Tony Ucedavelez (Managing Director for Versprite) an article on threat modeling. It is published on the June edition of In-secure magazine.
The intent was to give an holistic view on threat modeling as security activity that can be performed by security practioners in different role and speciality. Threat modeling (TM) is not limited to just modeling threats in applications and the usage is not limited to architects that need to design secure applications. The result of the TM activity can be used by security testers to perform risk based tests as well by information security officers for technical risk analysis. This is because beside modeling threats with the logical, physical and use/misuse case views of the application, TM allows for the identification of vulnerabilities (security flaws) and the countermeasures to mitigate the risk posed by such vulnerabilities. The article also tries to strike the balance from the strategic view of threat modeling with a more tactical one such as way to perform a security assessment on existing applications. We covered the most popular TM methodologies and TM tools available today. We also tried to give best practices on how to use TM as part of the SDLC to build security into the applications independently from the TM methodology being adopted.