1 / 12

Threat Modeling

Threat Modeling. By Dharmesh M Mehta June, 2006 dharmeshmm@mastek.com http://smartsecurity.blogspot.com. Agenda. What is Threat Modeling Threat Modeling Process Threat Models and Analysis. What is Threat Modeling?.

floydr
Download Presentation

Threat Modeling

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Threat Modeling By Dharmesh M Mehta June, 2006 dharmeshmm@mastek.com http://smartsecurity.blogspot.com

  2. Agenda • What is Threat Modeling • Threat Modeling Process • Threat Models and Analysis

  3. What is Threat Modeling? • Threat Modeling is a structured method that is used to understand and mitigate threats against your system. • Helps the development team: • Identify where the application is most vulnerable • Determine which threats require mitigation and how to address those threats • Genuinely useful and does not have to be difficult. It is a hot new buzzword!

  4. Essential Terminology • Threat – An action or event that might prejudice security. A threat is a potential violation of security. • Vulnerability – Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system. • Attack – An assault on system security that derives from an intelligent threat. An attack is any action that violates security.

  5. Threat Modeling Process • Define Application Requirements • Decompose your application • Define Application Architecture • Include External Components • Application Use Cases • Model • Find Threats against CIA • Measure

  6. Defining Application Requirements Courtesy: Microsoft Threat Analysis and Modeling

  7. Defining Application Architecture Courtesy: Microsoft Threat Analysis and Modeling

  8. Model Courtesy: Microsoft Threat Analysis and Modeling

  9. 1.2 Guess password 1.1 Access “in-use”password 1.3 Access Password in DB 1.3.1 Password is in cleartext 1.3.2 Compromise database 1.1.1 Sniff network 1.1.2 Phishing attack 1.2.1 Password is weak 1.2.2 Brute force attack 1.3.2.1 SQL injection attack 1.3.2.2 Access database directly 1.3.2.2.1 Port open 1.3.2.2.2 Weak db account password(s) Threat Tree Threat #1 (I) Compromise password

  10. Threat Models • You cannot build secure applications unless you understand threats • Find different bugs than code review and testing • Threat modeling yields both threats and vulnerabilities and provides ways to perform security testing in order to prioritize the security fixes needed.

  11. Threat Analysis • Secure software starts with understanding the threats • Threats are not vulnerabilities • Threats live forever • How will attackers attempt to compromise the system?

  12. That’s it… • Presentation will be online: http://www.owasp.org/index.php/Mumbai Thank you!

More Related