What is threat modelling
Suppose you have a software solution, which typically contains website, network, database and servers. An attacker can target any of these components to gain access and do the damage. If we systematically analyse and document each one of these component for possible ways a bad actor can attack (thinking as if an attacker) and come up with possible remedies, our security readiness and risk management greatly improves. This proactive exercise is nothing but threat modelling.
How it is done
There are several ways cybersecurity threat modelling is done, but usually answers following questions.
1. What are the systems to include?
-
- The systems that need to be protected, such as servers, websites, network and database.
2. Understand the system
-
- Create data flow and application diagrams to understand data entry and exit points into the components and how data is processed.
3. What can go wrong?
-
- For each of the component, analyse the possible threats to answer what can go wrong. An attacker can be external and internal as well. A framework such as STRIDE could be used.
4. What to do when things go wrong?
-
- For each of the threat envisioned, document, design and implement security controls to mitigate the threat. For instance, the mitigation can be as simple as blocking the attacker IP or a complex encryption implementation in your solution.
5. How to improve continuously.
-
- Keep revisiting your threat model and make improvements periodically or when new system components are introduced or when a security incidence takes place.
- Threat modelling is a proactive security measure. It helps in better communication about the security design of the system among the developers and manage mitigations to security threats.
If you need help securing your software solution, DeepDefence can help you. Drop us a message now!! We offer a free security assessment to new customers.