What is Threat Modeling?
Threat modeling is a structured way to identify security problems. It lets you see the bigger picture instead of looking only at the code, and it lets you find problems in systems you have not built yet, so you can anticipate them before any harm is done. In other words, it is a proactive discipline. Everyone involved in governance, risk and compliance (GRC) and vulnerability management needs working knowledge of it; in fact, it comes before technical vulnerability management, because a sound threat model is what gives direction to the vulnerability management work that follows.
Threat Modeling Methodologies
Threat modeling has several methodologies; the most widely used are listed below. We will cover each of them in detail in a separate post.
- STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege)
- PASTA (Process for Attack Simulation and Threat Analysis)
- OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation)
- Trike
- VAST (Visual, Agile, and Simple Threat)
Threat modeling components
These three are the primary components of a threat model:
- Assets: anything of value, physical or non-physical, such as databases, customer purchase records or the nominated beneficiaries on insurance policies. Assets are what attackers are after: credentials, customer credit card numbers, and company digital assets such as pre-release movie and TV show video or product source code. The first task is therefore to know which assets you want to protect.
- Threats: a threat is the potential for harm to the system; the person or program behind it (an external attacker, a malicious insider, a piece of malware) is the threat agent. Threats can be identified and mitigated, but they cannot be eliminated, because you do not control the attacker.
- Vulnerabilities: weaknesses in your system (a bug, a misconfiguration, a missing control) that an attacker can use to turn a threat into an actual compromise.
Threat Modeling questions
Threat modeling revolves around four essential questions that you should always ask:
- What are you building?
- What could go wrong?
- What are you doing to defend against threats?
- Have you acted on each of the previous steps?
How to develop a threat model that works for your company
Here are five straightforward steps you can follow to develop a threat model that works for your company. Simply copying another company's threat model will not work, because it does not reflect your actual scenario and context. Other companies' threat models are useful as reference examples at most; you must develop your own.
Step 1: Set security objectives
When you know exactly what you want to protect, and against what, you can work out the approach and actions needed to get there. For instance, if your goal is to secure a database, you work backward from that goal: restrict access to specific trusted people and systems, allowlisting named user accounts and trusted internal hosts, and denying everything else (including any explicitly denylisted IP addresses and user accounts).
Step 2: Identify assets
Threats arise from unauthorized access to, or misuse of, assets. Thus you need a clear list of which assets you must protect and from which threats.
Step 3: Identify enemies
List the threat agents (the people or programs that may cause harm, as defined above) who have a motive and the means to go after the assets you listed in Step 2.
Step 4: Identify threats & vulnerabilities
Identify where each threat could come from and who may cause the harm. Then identify the weaknesses in your system that could be used against it. Finding threats and vulnerabilities at this stage lets you fix them before anything happens.
Step 5: Mitigation
For each threat and vulnerability you identified, define a mitigation (a control that removes, reduces or detects it), assign it an owner, and act on it. Any threat left without a mitigation is a risk you are accepting, and it should be recorded as such rather than silently forgotten.
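To make the five steps concrete, here is an added example in Python (not E-SPIN's tool, and not code from the original post). It encodes a tiny data-flow diagram for the "secure a database" scenario from Step 1, enumerates threats with the STRIDE-per-element mapping from the Microsoft SDL, checks them against the declared mitigations, and reports the unmitigated threats ranked by a simple likelihood times asset-value score. The element names, asset values, trust-boundary flags and mitigations are constructed assumptions, and the mitigation list is deliberately incomplete so that gaps show up.

```python
"""Added example for the five steps above (not E-SPIN's tool, and not from the
original post): a tiny threat-model enumerator that applies STRIDE-per-element
to a data-flow diagram (DFD) and reports unmitigated threats, highest risk first.
All element names, asset values, boundary flags and mitigations below are
constructed assumptions for the 'secure a database' scenario in Step 1."""
from dataclasses import dataclass

# STRIDE-per-element (Microsoft SDL): which STRIDE categories apply to each
# kind of DFD element. Repudiation on a data store matters when it holds logs.
STRIDE_PER_ELEMENT = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}
STRIDE_NAMES = {
    "S": "Spoofing", "T": "Tampering", "R": "Repudiation",
    "I": "Information disclosure", "D": "Denial of service",
    "E": "Elevation of privilege",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                     # a key of STRIDE_PER_ELEMENT
    asset_value: int              # Step 2: 1 (low) .. 5 (critical)
    trust_boundary: bool = False  # True if reachable across a trust boundary


@dataclass(frozen=True)
class Mitigation:
    element: str   # Element.name
    category: str  # one STRIDE letter
    control: str   # Step 5: the control that addresses it


# Constructed DFD: a customer browser talks to a web app, which queries the DB.
ELEMENTS = [
    Element("Customer browser", "external_entity", asset_value=1, trust_boundary=True),
    Element("Web app", "process", asset_value=3, trust_boundary=True),
    Element("Web app -> Customer DB", "data_flow", asset_value=4, trust_boundary=True),
    Element("Customer DB", "data_store", asset_value=5),
]

# Constructed mitigations (Step 5), deliberately incomplete so gaps show up.
MITIGATIONS = [
    Mitigation("Web app", "S", "MFA for customer and admin logins"),
    Mitigation("Web app", "E", "service runs as an unprivileged account"),
    Mitigation("Web app -> Customer DB", "T", "TLS with server certificate verification"),
    Mitigation("Web app -> Customer DB", "I", "TLS with server certificate verification"),
    Mitigation("Customer DB", "I", "encryption at rest; only allowlisted app hosts may connect"),
    Mitigation("Customer DB", "T", "least-privilege grants per application role"),
    Mitigation("Customer DB", "D", "read replica plus tested backups"),
]


def validate(elements, mitigations):
    """Reject mitigations that point at unknown elements or non-STRIDE letters,
    so a typo does not silently mark a threat as covered."""
    names = {e.name for e in elements}
    for m in mitigations:
        if m.element not in names:
            raise ValueError(f"mitigation for unknown element {m.element!r}")
        if m.category not in STRIDE_NAMES:
            raise ValueError(f"invalid STRIDE category {m.category!r}")


def enumerate_threats(elements):
    """Step 4: every (element, STRIDE category) pair that applies."""
    return [(e.name, letter) for e in elements for letter in STRIDE_PER_ELEMENT[e.kind]]


def score(element):
    """Simple likelihood x impact: boundary-crossing elements count as 3x as exposed."""
    likelihood = 3 if element.trust_boundary else 1
    return likelihood * element.asset_value


def gap_analysis(elements, mitigations):
    """Step 5 check: threats with no declared mitigation, highest risk first."""
    validate(elements, mitigations)
    covered = {(m.element, m.category) for m in mitigations}
    by_name = {e.name: e for e in elements}
    gaps = [(score(by_name[name]), name, letter)
            for name, letter in enumerate_threats(elements)
            if (name, letter) not in covered]
    gaps.sort(reverse=True)
    return gaps


def report(elements=ELEMENTS, mitigations=MITIGATIONS):
    """Human-readable lines, one per unmitigated threat."""
    return [f"risk {risk:>2}  {name}: {STRIDE_NAMES[letter]}"
            for risk, name, letter in gap_analysis(elements, mitigations)]


if __name__ == "__main__":
    print("\n".join(report()))
```

Run as a script, it lists the eight threats that the constructed mitigation list does not cover, with denial of service on the boundary-crossing app-to-database flow at the top. The scoring is intentionally crude; the point is that the enumeration is mechanical once the DFD is written down, and that every threat either has a named control or is visibly left as an accepted risk.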
Summary
Now you know what threat modeling is, its main methodologies in brief, the three main components, the four essential questions, and how to build a threat model in five steps.
E-SPIN Group is in the business of enterprise ICT solution supply, consulting, project management, training and maintenance support for enterprise customers and government agencies across the region. Feel free to contact E-SPIN for threat modeling and related solutions, from high-level governance, risk and compliance management (GRC), threat and vulnerability management (TVM) and vulnerability assessment and penetration testing (VAPT), to specific point solutions for the area where you need help the most.