~

~/Security

~/Security/Appsec

---

• Threat Modeling
  • Four-Question Framework
  • Steps
    • Decompose the Application
    • Determining and Ranking Threats using STRIDE
    • Risk Management

---

Threat Modeling

Written while completing the Threat Modeling Skills course by Adam Shostack, on LinkedIn Learning

Certificate of Completion

Four-Question Framework

1. What are we working on?(Assess Scope)
2. What can go wrong?(Identify what can go wrong)
3. What are we going to do about it?(Identify countermeasures/perform risk management)
4. Did we do a good job?(Assess Work)

Steps

Decompose the Application

• how the application will be used and how it will react with external components
• (data) entry points
• (data) exit points
• assets
• trust levels

Determining and Ranking Threats using STRIDE

threat categorization

help identify threats from the attacker and

• spoofing(authentication)
• tampering(integrity)
• repudiation(non-repudiation)
• information disclosure(confidentiality)
• denial of service(availability)
• elevation of privilege(authorization)

risk=P(threat)*cost

Create a threat tree diagram

Risk Management

once the possible impact is identified, the associated risks can be-

• accept
• eliminate
• mitigate