Cybersecurity Threat Modelling

Cybersecurity Threat Modelling

“Threat Modelling to optimize resources and maximize security. Discover hidden vulnerabilities within your people, processes and technology.”

  1. Overview

Cyber threats represent significant commercial and operational risk, yet many organizations do not know what threats they face, what their most critical cyber assets are, or who and what they are defending against. It is better to find security flaws when there is time to fix them.

Threat modelling is a process aimed to identify potential threats to the system by mapping the assets, the types of attackers, and by other factors. The purpose of threat modelling is to provide the developers with the most likely attack vectors, and the assets most desired by an attacker.

Threat modeling is a highly complex endeavor, especially as the threat landscape continues to become more sophisticated by the day. The security experts who engage in threat modeling must not only understand all of the risks large and small that face the organization, but must be familiar with the latest technologies and strategies that can defend against them.

  1. Approach

At Seven Step Consulting’s we understand that technology is a crucial and growing part of modern life and underpins our efforts to build a world-leading digital economy, that faces significant and ever evolving cyber threats which are increasingly seen as high risk in comparison to other risks that businesses face. Seven Step Consulting’s Threat Modelling approach aligns to industry leading standards and frameworks, including OCTAVE, IRAM2, and ISO 27035 amongst others.

We look at the key elements of threat modelling:

  1. Assets – What and where are the assets?” What valuable data and equipment should be secured?
  2. Threats – What are the most relevant threats?” “Is there an attack vector that might go unnoticed?” What the attacker can do to the system?
  3. Vulnerabilities – “Where am I most vulnerable to attacks?” What are the flaws in the system that can allow an attacker to realize a threat?

 

THREAT MODELLING STEPS

Step 1: Identify the assets (database server, file servers, data lake stores, Active Directory, REST calls, configuration screens, Azure portal, authenticated and anonymous web user, Azure AAD client apps, database users, DB administrators)

Step 2: Outline details of architecture on which the valuable asset is being processed. It may include the software framework, version and other architectural details (ASP.net web application connection to cloud data stores and third-party services using JWT tokens).

Step 3: Break down the application regarding its process, including all the sub-processes that are running the application. We create a data flow diagram (DFD).

Step 4: List identify threats in a descriptive way to review to process further.

Step 5: Classify the threats with parallel instances so that threats can be identified in the application in a structured and repeatable manner.

Step 6: Rate the severity of the threat.

  • STRIDE (Uses application-centric approach)
    • Spoofing of user identity
    • Tampering
    • Repudiation
    • Information disclosure (privacy breach or data leak)
    • Denial of service (DoS)
    • Elevation of privilege
  • PASTA (risk-centric approach): Process for Attack Simulation and Threat Analysis
  • TRIKE (risk-based approach with unique implementation and risk-modelling process)
  • VAST (Visual, Agile and Simple Threat modelling)
  • OCTAVE (focused on assessing organizational (non-technical) risks that may result from breached information assets.)
Threat Modelling across the Lifecycle
  • Threat modeling is best applied continuously throughout a development / Implementation project. We provide a Threat Model customized to the client’s needs.
  • The process is essentially the same at different levels of abstraction, although the information gets more and more granular throughout the lifecycle.
  • Ideally, a high-level threat model should be defined in the concept or planning phase, and then refined throughout the lifecycle.
  • As more details are added to the system, new attack vectors are created and exposed. The ongoing threat modeling process should examine, diagnose, and address these threats.
(focused on assessing organizational (non-technical) risks that may result from breached information assets.)
  1. Benefits

Threat Modelling helps your organization to:

  1. Enhance your security posture
  2. Document all the identified threats and rated threats
  3. Identify, analyze and quickly respond to potential security threats
  4. Save time, revenue and the reputation of your company
  5. Maximize your investment in security technology
  6. Enable existing staff to focus on core business capabilities
  7. Build a secure application.
  8. Bridge the gap between developers and security.
  9. Gain Knowledge and awareness of the latest risks and vulnerabilities.
  10. Gain greater visibility and streamline reporting

 

  1. Deliverables

Our findings are delivered in a detailed report that provides you a Threat Model customized to the organization’s system. The document will describe the identified assets and the threat agents, allowing the countermeasures required to protect against those threats to be defined.

  1. Our overall discoveries – confirmation of the presence or absence of compromise signs in your network
  2. In-depth analysis – of threat intelligence data gathered and of the Indicators of Compromise (IoCs) revealed.
  3. Detailed descriptions – of vulnerabilities exploited, possible attack sources, and the network components affected.
  4. Remediation recommendations – suggested steps to mitigate consequences of the incident revealed and to protect your resources from similar attacks in future Threat Modelling and Threat Hunting is available in an annual package with quarterly exercises.

REACH US TO ENSURE THAT WHEN EVEN WHEN A CRISIS STRIKES, YOUR BUSINESS MUST GO ON AS USUAL.