As new threats emerge exponentially in a more networked and interconnected ecosystem the threat modeling concept has evolved from a concept of theory to an industry-leading information security practice.
Organizations use threat modeling to in bringing together testers, developers as well as security engineers and business owners to better understand the threats and risks that come with their information, organizations and user communities, in order to consider security at the very beginning of the lifecycle of software development.
As methods for modeling threats change in response to increased applications and use from security experts, they recognize that selecting the best method for your company can lead to more widespread adoption and greater outcomes.
Whatever method you choose to use an attack model will attempt to answer four fundamental questions:
What is it that we are building?
What is the most likely cause of a problem?
How do we react to something that isn’t working?
Do we have a decent enough job?
Let’s look at the different methods and evaluate the strengths as well as weaknesses.
STRIDE
STRIDE Microsoft’s threat modeling technique is the longest-running known, most documented and the most well-established methodological approach. It was created to developers of Microsoft software consider security in the initial design phase. Therefore, STRIDE is very development-oriented.
The acronym STRIDE stands for Spoofing, Tampering Repudiation, Information Disclosure and Denial of Service and the elevation of Privilege It seeks to relate security concepts from the CIA triad to the architecture and data flow diagrams. When a team has created the data flow diagram, engineers review the app to an STRIDE classification scheme. The results show risks as well as risks. They are derived directly from design diagrams in the process of development.
PASTA
The Process for Attack Simulation and Threat Analysis PASTA, also known as PASTA is a seven-step procedure for the analysis of risk that’s geared towards attackers. The purpose of this approach is to align the business goals with the technical requirements, and take into consideration the impact of business on the requirements for compliance.
The method concentrates on assets to determine the risk in relation to its impact on business. PASTA threat modeling is ideal for businesses that wish to integrate threat modeling into goals of strategic importance because it includes an analysis that analyzes the impact on business.
Trike
Trike is a risk-based compliance modeling technique that is focused on meeting the requirements of security auditing. Trike is based on a requirements model which assigns acceptable levels of risk to every asset.
Once it is established The team then creates the data flow diagrams and then threats are listed with the appropriate risk levels. The team then creates mitigation controls and prioritize the threats. Since the team has to comprehend the whole system, it is an obstacle applying this approach to massive systems.
VAST
The Visual agile, agile and simple Threat modeling method extends the process of threat modeling across the entire infrastructure for the entire lifecycle of software development that integrates agile and DevOps techniques. VAST is a business-oriented approach and offers an actionable output for the various requirements of each stakeholder.
Because the security concerns of developers differ from those of the infrastructure team’s concerns, VAST allows teams to develop either process flow diagrams that map out the application and operational threat models that show the flow of data.
Choose the one that’s Right for You
The best method to choose is about determining the most effective method to your SDLC maturation and making sure that the method produces the outputs you want. Although all threat modeling methods can be used to identify potential threats, the accuracy as well as the quantity and reliability can differ.
Copyright 2021. All Rights Reserved.