A Security Practices Evaluation Framework

Apply Threat Modeling

Anticipate, analyze, and document how and why attackers may attempt to misuse the software.

Description

Threat modeling is the process of analyzing how and why attackers might subvert security mechanisms to gain access to the data and other assets accessible through the project’s software.

Practice Implementation Questions

  1. Does the project have a standard for threat modeling?
  2. Does the project have a list of expected attackers?
  3. Does the project have a list of expected attacks?
  4. Does the project budget time to analyze its expected attackers and attacks, identify vulnerabilities, and plan for their resolution?
  5. Does the project budget time for keeping up to date on new attackers and attacks:
    • for the project software
    • for the project technologies
    • for the environment in which the project operates?
  6. Does the project develop ‘abuse cases’ or ‘misuse cases’ based on its expected attackers?
  7. Are defect records created to track resolution of each vulnerability discovered during threat modeling?
  8. Are results from vulnerability tracking fed into the threat modeling process?

Keywords

threats, attackers, attacks, attack pattern, attack surface, vulnerability, exploit, misuse case, abuse case.

OWASP Threat Modeling