Threat Modeling - Overview
Copyright © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
OWASP
http://www.owasp.org
Threat Modeling - Overview
Megha Anand, itsmeghaanand-at-gmail-dot-com
OWASP 2
Agenda
- Terminology
- Terminology Example
- Threat Modeling
- Benefits
- Who
- Process Overview
- Business Security Objectives
- Model the System
- Application Decomposition
- Threat Profile
- STRIDE & its Relation
- Threat Tree
- Risk Assessment
- Example
OWASP 3
Terminology
- Asset: Things to protect (tangible or intangible)
- Entry/Exit Points: Ways to get at an asset
- Threat: Risks to an asset
- Attack / exploit: An action taken that harms an asset
- Vulnerability: Specific ways to execute the attack
- Risk: Likelihood that vulnerability could be exploited
- Mitigation / Countermeasure: Something that addresses a specific vulnerability
We can mitigate vulnerabilities…
…but the threat still exists!!!
OWASP 4
Terminology Example
Asset – ATM Machine
OWASP 5
Terminology Example
Use Case
- Customer withdraws cash from ATM
- Checks balance in his/her account
- Transfers cash to some other account
OWASP 6
Terminology Example
Attacker – Burglar
OWASP 7
Terminology Example
Threat – Denial of Service
Attack – Physically tampered
Vulnerability – Plastic made
Closed
OWASP 8
Terminology Example
Security Controls
- Guard
- CCTV Cameras
- ATM Machine should be made of Steel/Iron
But threat still persists!!!
OWASP 9
Take Away!!!
Key Point: We can reduce the risk but cannot get rid of it completely!!!
Assumption: Let's engage in repetitive penetration testing
Question: During development? At deployment? After deployment?
OWASP 10
Threat Modeling
It's an iterative process which helps to:
- Simplify qualitative risk assessment
- Identify security objectives
- Create a security profile of the application
- Identify & prioritize threats
- Visualize & document threats
OWASP 11
Benefits
Cost Time Quality
OWASP 12
Cost
Less Very High
OWASP 13
Time
Requirement Gathering or Early stages of SDLC
OWASP 14
Post Production
OWASP 15
Quality
OWASP 16
Who
- Developers
- Security Consultants
- Architects
- IT Project Managers
OWASP 17
Process Overview
- Identify business security objectives
- Decompose Application
- Understand attacker & abuse cases
- Threat Analysis
- Risk Analysis
- Security controls
OWASP 18
Business Security Objective
It's a high-level overview of what security issues need to be addressed in order to maintain the business objectives.
Generate security objectives with the help of:
- Confidentiality
- Integrity
- Availability
OWASP 19
Model the System
- Entry Points
- Assets
- Roles & Identities
- Trust Levels
OWASP 20
Decompose Application
DFD Components
Diagram: Customer -> (Request) -> Web Server -> (Request) -> Data Store, with a Response flowing back along each arrow
External Entity - Entry point of application
OWASP 21
Decompose Application
DFD Components
Process - Perform an Action
OWASP 22
Decompose Application
DFD Components
Data store - Where data is stored
OWASP 23
Decompose Application
DFD Components
Data Flows - Direction of Data Movement
OWASP 24
Decompose Application
DFD Components
Trust Boundary – Physical or Logical
OWASP 25
Example
OWASP 26
Simple Approach - Threat Profile
Where to BEGIN???
Confidentiality (who can read)
Integrity (who can write)
Availability (who can access)
Network
Server
Application
OWASP 27
STRIDE - Threat categories
- Spoofing
- Tampering
- Repudiation
- Information Disclosure
- Denial of Service
- Escalation of Privileges
OWASP 28
Threat Categories & Security Control
Spoofing – Authentication
Tampering – Integrity
Repudiation – Non-repudiation
Information Disclosure – Confidentiality
Denial of Service – Availability
Escalation of Privilege – Authorization
OWASP 29
Threat – Element Relation

| DFD Component | S | T | R | I | D | E |
|---|---|---|---|---|---|---|
| Entity | X |   | X |   |   |   |
| Process | X | X | X | X | X | X |
| Data Flow |   | X |   | X | X |   |
| Data Store |   | X | X | X | X |   |
OWASP 30
Threat Tree
OWASP 31
Risk Assessment
Simplest Approach: Low, Medium, High Impact/Likelihood Matrix

| Impact \ Likelihood | Low | Medium | High |
|---|---|---|---|
| Low | Low | Low | Medium |
| Medium | Low | Medium | High |
| High | Medium | High | High |
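As an added example (not code from the OWASP deck), a small Python helper that applies the STRIDE-per-element relation above to a DFD shaped like the Customer / Web Server / Data Store diagram and rates each resulting threat with the Low/Medium/High impact/likelihood matrix. The element type names, the sample DFD and the Medium/Medium default for unrated threats are my assumptions.

```python
# Added example, not from the OWASP slides: enumerate STRIDE threats per DFD
# element (Threat-Element Relation table) and rate them with the risk matrix.
STRIDE_BY_ELEMENT = {            # which STRIDE letters apply to each element type
    "external_entity": "SR",
    "process": "STRIDE",
    "data_flow": "TID",
    "data_store": "TRID",
}
STRIDE_NAMES = {
    "S": "Spoofing", "T": "Tampering", "R": "Repudiation",
    "I": "Information Disclosure", "D": "Denial of Service",
    "E": "Escalation of Privilege",
}
LEVELS = ("Low", "Medium", "High")
# Impact (rows) x Likelihood (columns); the slide's matrix is symmetric.
RISK_MATRIX = {
    "Low":    {"Low": "Low",    "Medium": "Low",    "High": "Medium"},
    "Medium": {"Low": "Low",    "Medium": "Medium", "High": "High"},
    "High":   {"Low": "Medium", "Medium": "High",   "High": "High"},
}

def applicable_threats(element_type):
    """STRIDE category names that apply to one DFD element type."""
    return [STRIDE_NAMES[c] for c in STRIDE_BY_ELEMENT[element_type]]

def risk_rating(impact, likelihood):
    """Qualitative risk for an impact/likelihood pair; rejects unknown levels."""
    if impact not in LEVELS or likelihood not in LEVELS:
        raise ValueError("impact and likelihood must be Low, Medium or High")
    return RISK_MATRIX[impact][likelihood]

def enumerate_threats(dfd):
    """One (element, threat) pair per applicable STRIDE category.
    dfd is a list of (element name, element type) tuples."""
    return [(name, t) for name, kind in dfd for t in applicable_threats(kind)]

def prioritize(dfd, ratings):
    """Rate every enumerated threat and return them highest risk first.
    ratings maps (element, threat) -> (impact, likelihood); unrated pairs
    default to Medium/Medium (assumption) so nothing silently drops out."""
    rows = []
    for element, threat in enumerate_threats(dfd):
        impact, likelihood = ratings.get((element, threat), ("Medium", "Medium"))
        rows.append((element, threat, risk_rating(impact, likelihood)))
    return sorted(rows, key=lambda r: -LEVELS.index(r[2]))

# Constructed sample matching the slides' Customer -> Web Server -> Data Store DFD.
SAMPLE_DFD = [("Customer", "external_entity"), ("Web Server", "process"),
              ("Data Store", "data_store"), ("Web->Store request", "data_flow")]
```

Calling `prioritize(SAMPLE_DFD, ratings)` with a ratings dict gives the threat list sorted High first, which is the input to the "Identify & prioritize threats" step; the matrix lookup is the same whichever axis you treat as impact.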
OWASP 32
Practical Example
OWASP 33