As hacking incidents continue to increase, cybersecurity has become a top priority in today’s digital world. With more aspects of our lives moving online, both businesses and individuals have a lot to lose from security breaches.<\/p>\n
To address this concern, cybersecurity professionals are utilizing a variety of defenses and countermeasures to protect sensitive information and transactional data. Given the vast number and types of attacks currently available, this is a monumental task.<\/p>\n
To address this challenge, threat modeling has emerged as a crucial component in the field of cybersecurity.<\/a> In this article, we will delve into the concept of threat modeling in cybersecurity, its importance, and the various methodologies available.<\/p>\n Threat Modeling is a method of optimizing network security by finding vulnerabilities, identifying objectives, and developing countermeasures to prevent or reduce the effects of cyber attacks<\/a> on systems.<\/p>\n While security teams on duty within the organization can perform Threat Modeling from any point during development, doing so early in the project is best practice. This way, threats can be identified quickly and dealt with before they become problems.<\/p>\n The Threat Modeling process consists of defining enterprise assets, identifying the functions used in each application in the grand scheme, and building a security profile for each application.<\/p>\n The process continues by identifying and prioritizing potential threats, then documenting the hazardous events and what actions should be taken to resolve them.<\/p>\n In layperson’s terms, Threat Modeling is taking a step back to assess an organization’s digital and network assets, identify weak points, determine existing threats, and determine future plans to protect or recover.<\/p>\n While the term Threat Modeling may sound foreign, you would be surprised how little attention is paid to security in some sectors.<\/p>\n We’re talking about a world where some people use “Password” as a password yet still leave their mobile devices unattended.<\/p>\n With that said, it’s no surprise that many organizations and businesses still need to consider the idea of Threat Modeling.<\/p>\n There are many ways to fight cybercrime from several types of cyber attacks. One of them is by using the Threat Modeling methodology. Here are the ten most popular Threat Modeling methodologies currently in use.<\/span><\/p>\n The methodology developed by Microsoft for Threat Modeling, STRIDE, is used to identify security threats where the threats are divided into six categories, namely:<\/span><\/p>\n Spoofing:<\/span><\/strong>\u00a0Intruders impersonating other users, components, or system features that contain identities in the modeled system.<\/span><\/p>\n Tampering: Alteration of data in systems to achieve malicious purposes.<\/span><\/p>\n Repudiation:<\/span><\/strong>\u00a0The ability of an intruder to deny that they are carrying out some malicious activity in the absence of sufficient evidence.<\/span><\/p>\n Information Disclosure:<\/span><\/strong>\u00a0Expose protected data to unauthorized users to view.<\/span><\/p>\n Denial of Service:<\/span><\/strong>\u00a0Intruders use unauthorized means to obtain services so that other users cannot access these services.<\/span><\/p>\n Elevation of Privilege: Allows intruders to execute unauthorized commands and functions.<\/span><\/p>\n It was proposed as a methodology for Threat Modeling, but Microsoft discontinued it in 2008 due to inconsistent methodology ratings. But OpenStack and many other organizations today still use DREAD. This methodology is basically a way to rank and assess security risks which are divided into five categories, namely:<\/span><\/p>\n Damage Potential: Measures the level of damage resulting from exploited weaknesses.<\/span><\/p>\n Reproducibility:<\/span><\/strong>\u00a0Measures the ease with which an attack can reproduce.<\/span><\/p>\n Exploitability: Measures the effort required to launch an attack.<\/span><\/p>\n Affected Users:<\/span><\/strong>\u00a0Measures how many users were affected if the exploit became widely available.<\/span><\/p>\n Discoverability:<\/span><\/strong>\u00a0Measures how easy it is to find threats.<\/span><\/p>\n PASTA stands for Process for Attack Simulation and Threat Analysis. This methodology has seven steps centered on risk.<\/span><\/p>\n This methodology is used for dynamic threat identification, enumeration, and assessment processes. Once the experts have detailedly analyzed the identified threats, the developer can develop an asset-centric mitigation strategy by analyzing the application through an attacker-centric view.<\/span><\/p>\n Trike focuses on using threat modeling as a risk management tool.<\/a> The threat model is built based on the requirements model and establishes an ‘acceptable’ risk level determined by stakeholders to be assigned to each asset class.<\/span><\/p>\n Requirements model analysis generates a threat model in which threats are identified and assigned a risk score. The completed threat model is then used to build a quantifiable risk model, factor in action, asset, role, and risk exposure.<\/span><\/p>\n VAST stands for Visual, Agile, and Simple Threat. This methodology provides actionable output for the specific needs of various stakeholders such as application architects<\/a> and developers, cyber security personnel, etc.<\/span><\/p>\n VAST offers unique application and infrastructure visualization planning so that the creation and use of threat models do not require particular expertise in security.<\/span><\/p>\n The Tree methodology is a conceptual diagram that shows how an asset or target can be attacked consisting of a root node with branching nodes that can be added.<\/p>\n A child node is a condition that must be met to make the parent node immediately value true. Each node is directly related to the child nodes below it.<\/p>\nIntro to Threat Modelling<\/strong><\/h2>\n
Threat Modeling Process<\/strong><\/h2>\n
Threat Modelling Methodology<\/strong><\/h2>\n
1. STRIDE<\/strong><\/h3>\n
2. DREAD<\/strong><\/h3>\n
3. PASTE<\/strong><\/h3>\n
4. Trikes<\/strong><\/h3>\n
5. VAST<\/strong><\/h3>\n
6. Attack Tree<\/strong><\/h3>\n