What is threat modeling and why should you care?

2021-04-30 05:00

While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems.

In short, threat modeling answers questions as "Where am I most vulnerable to attacks?", "What are the key risks?", and "What should I do to reduce these risks?".

More specifically, threat modeling identifies cybersecurity threats and vulnerabilities and provides insights into the security posture, and what controls or defenses should be in place given the nature of the system, the high-value assets to be protected, the potential attackers' profiles, the potential attack vectors, and the potential attack paths to the high-value assets.

On the question "Who should threat model?" the Threat Modeling Manifesto says "You. Everyone. Anyone who is concerned about the privacy, safety, and security of their system." While we do agree with this principle in the long term, we want to nuance the view and highlight the need for automation.

Threat modeling work is typically done by a combination of development/DevOps teams and the security organization.

As with the threat modeling in development, organizations have organized the work in different ways.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/TtLwmu56Y30/

#threat #threatmodeling

News URL

Related news