Threat Modeling

TECHNICAL DEFINITION

Threat modeling is a proactive cybersecurity engineering methodology for systematically identifying, understanding, and prioritizing potential security threats and vulnerabilities within an application, system, or operational environment by analyzing its architecture, data flows, and trust boundaries from an attacker's perspective to inform effective mitigation strategies and security controls.

BACKGROUND

Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified and enumerated, and countermeasures prioritized. The purpose of threat modeling is to provide defenders with a systematic analysis of what controls or defenses need to be included, given the nature of the system, the probable attacker's profile, the most likely attack vectors, and the assets most desired by an attacker. Threat modeling answers questions like "Where am I most vulnerable to attack?", "What are the most relevant threats?", and "What do I need to do to safeguard against these threats?".

SYNONYMS & ALIASES

• Security risk analysis
• Application security analysis
• System vulnerability analysis
• Attack surface identification
• Security design review
• Proactive security assessment

USAGE NOTE

In military and intelligence, threat modeling is crucial for securing critical infrastructure, sensitive data, and operational systems against sophisticated state-sponsored cyber adversaries.

DEVELOPERS

Organizations developing technology related to Threat Modeling.

• Microsoft

  Develops the Microsoft Threat Modeling Tool, a free tool for finding design-level security issues. Also incorporates threat modeling principles into its secure development lifecycle for its products.

• OWASP Foundation

  The Open Web Application Security Project (OWASP) provides frameworks, methodologies, and tools for web application security, including the OWASP Threat Modeling Project and various guides for secure software development.

• Security Compass

  Offers SD Elements, a platform that automates threat modeling and integrates security requirements into the software development lifecycle, helping organizations build secure software faster.

• Thales Group

  A global technology leader in defense and security, developing systems and solutions that often incorporate robust threat modeling practices for critical infrastructure and national security applications.

• Accenture

  Provides cybersecurity consulting services, including threat modeling as a core part of its security architecture and design offerings to help clients identify and mitigate risks in their systems and applications.

• CGI Inc.

  Offers cybersecurity services and solutions, including risk assessments, secure system design, and the application of threat modeling methodologies to protect client assets and critical infrastructure.

• Amazon Web Services (AWS)

  Integrates security by design into its cloud services and provides extensive documentation and best practices that include threat modeling principles for building secure applications on its platform.

• PwC

  Offers cybersecurity consulting services, including strategic threat modeling engagements to help organizations understand, prioritize, and mitigate security risks across their enterprise IT and product portfolios.