Threat Modeling
Threat modeling is a security process where potential threats are identified, categorized, and analyzed. The aim is to eliminate or reduce these threats, either proactively or reactively. This approach can be based on:
- Assets: Uses asset valuation results to identify threats to the most valuable assets.
- Attackers: Identifies potential attackers and threats based on the attackers' goals.
- Software: Considers potential threats against the software the organization develops.
Understanding these concepts and being able to apply them to real-world scenarios is key to mastering supply chain and risk management for your CISSP exam.
STRIDE
Developed by Microsoft, STRIDE primarily focuses on software. It aims to identify and address the following areas of threat:
- Spoofing: This involves falsifying identity, such as presenting as another user or system.
- Tampering: This involves data manipulation or unauthorized changes in the system.
- Repudiation: This is staging an attack in such a way that the attacker can deny their involvement.
- Information Disclosure: This involves unauthorized access to information.
- Denial of Service (DoS): This refers to attacks aimed at making a system unavailable or inaccessible.
- Elevation of Privilege: This involves unauthorized increases in privilege or access within the system.
Spoofing differs from repudiation in that spoofing involves presenting a false identity to gain unauthorized access, while repudiation refers to an attacker's ability to deny their actions after staging an attack.
PASTA
The Process for Attack Simulation and Threat Analysis (PASTA) is a threat modeling approach focused on developing countermeasures based on asset value. It involves seven stages:
- Definition of Objectives: Establishing clear objectives for threat modeling.
- Definition of Technical Scope: Identifying the systems, applications, and data to be protected.
- Application Decomposition & Analysis: Breaking down the application into its components and analyzing each for potential vulnerabilities.
- Threat Analysis: Identifying potential threats to the system.
- Weakness & Vulnerability Analysis: Identifying and analyzing the weaknesses and vulnerabilities that can be exploited by the threats.
- Attack Modeling & Simulation: Modeling potential attack vectors and simulating their impacts.
- Risk Analysis & Management: Evaluating the risks posed by the identified threats and developing strategies to manage them.
VAST
Visual, Agile, Simple, Threat (VAST) is a threat modeling approach that integrates threat management into an agile programming environment. It's ideal for organizations that heavily use agile methodologies in their operations.
DREAD
DREAD is a risk assessment model designed to answer five critical questions:
- Damage Potential: How severe could the damage be if the threat is realized?
- Reproducibility: How easy is it for attackers to reproduce the exploit?
- Exploitability: How difficult is it to perform the attack?
- Affected Users: What percentage of users (internal or external) are likely to be affected by the attack?
- Discoverability: How difficult is it for an attacker to discover this weakness?
TRIKE
TRIKE is an open-source threat modeling process focused on acceptable risk. It implements a requirements model, ensuring that the assigned level of risk for each asset is acceptable to stakeholders.
COBIT
Control Objectives for Information and Related Technology (COBIT) is an IT management and governance framework, based on five principles:
- Meeting Stakeholder Needs: Ensuring the organization meets the needs of stakeholders.
- Covering the Enterprise End-to-End: Considering the full scope of the enterprise.
- Applying a Single, Integrated Framework: Implementing a centralized, coordinated approach.
- Enabling a Holistic Approach: Taking into account all aspects of the organization.
- Separating Governance from Management: Distinguishing between governance (oversight, strategy, risk decisions) and management (day-to-day execution).