1. Threat Modeling Best Practices
Helping Make Threat Modeling Work

2. About Robert Zigweid
• Principal Compliance Consultant at IOActive
• CISSP, PCI QSA, PCI PA-QSA
• Experienced in threat modeling and SDL

3.
• What does Threat Modeling Mean to You?

4. Taxonomy
• Make sure everyone speaks the same language.
• Not just the same words, but the same meanings.

5. Taxonomy
STRIDE – all about the type
   – S – Spoofing
   – T – Tampering
   – R – Repudiation
   – I – Information Disclosure
   – D – Denial of Service
   – E – Elevation of Privilege
DREAD – all about IMPACT
   • D – Damage Potential
   • R – Reproducibility
   • E – Exploitability
   • A – Affected Users
   • D – Discoverability
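The two taxonomies on this slide answer different questions: STRIDE says what kind of threat something is, DREAD says how much it matters. As an added example (not from the deck), the register below classifies constructed sample threats with STRIDE and ranks them with DREAD; it assumes the common convention of rating each DREAD factor 1..10 and averaging, which the slides do not state.

```python
"""Added example: classify threats with STRIDE and rank them with DREAD.

Not from the slides. Assumes the common DREAD convention of rating each of
the five factors 1..10 and averaging them; the deck names the factors but
gives no scoring formula.
"""
from dataclasses import dataclass

# The STRIDE categories from the slide, keyed by their letter.
STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information Disclosure",
    "D": "Denial of Service",
    "E": "Elevation of Privilege",
}

# The DREAD factors from the slide, in slide order.
DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")


@dataclass(frozen=True)
class Threat:
    name: str
    stride: str   # one of the STRIDE letters
    dread: dict   # factor name -> rating 1..10


def dread_score(ratings: dict) -> float:
    """Average of the five DREAD ratings (assumed convention, see above).

    Raises ValueError if a factor is missing or outside 1..10, so a
    half-filled row cannot silently rank as low risk.
    """
    missing = [f for f in DREAD_FACTORS if f not in ratings]
    if missing:
        raise ValueError(f"missing DREAD factors: {missing}")
    for f in DREAD_FACTORS:
        if not 1 <= ratings[f] <= 10:
            raise ValueError(f"{f} must be 1..10, got {ratings[f]}")
    return sum(ratings[f] for f in DREAD_FACTORS) / len(DREAD_FACTORS)


def rank_threats(threats):
    """Return (score, STRIDE type, name) tuples, highest impact first."""
    for t in threats:
        if t.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE letter {t.stride!r} on {t.name}")
    rows = [(dread_score(t.dread), STRIDE[t.stride], t.name) for t in threats]
    return sorted(rows, key=lambda r: (-r[0], r[2]))


# Constructed sample threats for a hypothetical web login flow.
SAMPLE_THREATS = [
    Threat("Session token sent over HTTP", "I",
           dict(damage=7, reproducibility=9, exploitability=8,
                affected_users=9, discoverability=8)),
    Threat("Password reset link reusable", "S",
           dict(damage=8, reproducibility=5, exploitability=4,
                affected_users=3, discoverability=5)),
    Threat("Audit log lacks user id", "R",
           dict(damage=4, reproducibility=10, exploitability=2,
                affected_users=5, discoverability=3)),
]

if __name__ == "__main__":
    for score, kind, name in rank_threats(SAMPLE_THREATS):
        print(f"{score:4.1f}  {kind:24}  {name}")
```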
6. Taxonomy
The CIA
   C – Confidentiality
   I – Integrity
   A – Accessibility

7. Timing
• When do you start threat modeling a project?
   • What you need to know before you start
      • What are you building?
      • What needs to be protected?
   • It’s never too late!

8. Timing
• How often?
   • At the beginning of a new release cycle is a great time
   • It’s not the only time
      • Try QA
      • Throw it in as part of a security push

9. Timing
• When do you stop?
   • When the project is end-of-life
   • When you don’t care anymore

10. Contributors
• Who came up with that idea?
• Project Owner
• Architects
• Developers
• Testers
• Everyone else!

11. Contributors
• How to Contribute
   • Initial brainstorming
      • But you said that’s too early!
         • So, record the sessions
   • Before QA testing
   • Emails
   • Issue tracker
   • Who cares?

12. Audience
• Often overlooked
• The Audience
   • Management
   • Architects
   • Developers
   • QA
   • Forensics/Testing
   • Others?

13. Threat Modeling and your SDL
• Threat Modeling can be the vehicle for your SDL
   • Keeps it updated
   • Security Questionnaires when considering features
   • Deliver development requirements to developers
   • Test Plans
      • Test against identified threats
   • Security Reviews

14. Templates
• Based on Function Type
• Grow the template library

15. Perspectives!
• Attacker!
   • How are they going to get me?
   • How do I stop it?
• Assets
   • What do I care about most?
   • How do I protect it?

16. Understand Your Target
• Project
• Project Delivery

17. What about Agile?
• The good!
   • Business people and developers must work together daily throughout the project.
   • At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.
   • Working software is the primary measure of progress.
      • Security in software is an essential part of “working”

18. What about Agile?
• The... bad
   • Welcome changing requirements, even late in development.
   • Deliver working software frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.
   • The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.

19. Tools
• Microsoft’s Threat Analysis and Modeling (2.1.2)
   • Pros
      • Flexibility
         • Doesn’t require data flow diagrams
      • Has a built-in threat library to reference
      • Tracks threat modeling data well
      • Comes with an attack library

20. Tools
• Microsoft’s Threat Analysis and Modeling (2.1.2) (continued)
   • Cons
      • No longer supported
      • Does not use STRIDE/DREAD, but CIA
      • Data flow diagrams require Visio
      • Can be difficult to begin working with
      • Supplied attack library doesn’t necessarily fit, and can slow you down.

21. Tools
• Microsoft SDL Threat Modeling Tool (3.1)
   • Pros
      • Currently supported and developed by Microsoft along with their SDL
      • Extensible
         • Can write plug-ins into your issue tracking system
   • Cons
      • It’s free!
         • Well, sorta
      • Flexibility
         • Requires data flow diagrams

22. Tools
• Trike
   • Pros
      • Methodology is driven by the tool
      • Methodology is very flexible
      • Automated threat generation
      • Cross-platform
   • Cons
      • Does not scale
      • Development of tool and methodology are somewhat slow

23. Tools
• Others
   • Practical Threat Analysis
   • What do I use?
      • Excel -- sometimes
      • Word

24. Common Pitfalls
• It’s not a one person job
• Poor presentation
• Never, ever delete
   • Once a threat, always a threat
   • It’s history
• Properly identify assets

25. Common Pitfalls
• Keep your threats reasonable
   • Avoid Doomsday
• Don’t dig too deep
   • You can always dive later
• Snapshot
   • Keep it versioned
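Three of the practices above (slide 13: test plans that test against identified threats; slide 24: never, ever delete; slide 25: snapshot and keep it versioned) fall out naturally from how the threat register is stored. The register below is an added example, not from the deck: a threat can change status but never be removed, every snapshot gets a version number and a content hash, and each open threat produces a test-plan item. The status names and record fields are my own.

```python
"""Added example: an append-only, versioned threat register.

Not from the slides. Shows three of the deck's practices in one structure:
a threat is never deleted (its status changes, its history stays), every
snapshot is a numbered, hashed version, and open threats feed a test plan.
Status names and record fields are assumptions, not the deck's.
"""
import hashlib
import json
from copy import deepcopy

OPEN, MITIGATED, ACCEPTED = "open", "mitigated", "accepted"
# Permitted status transitions; a mitigated threat may be reopened on regression.
ALLOWED = {OPEN: {MITIGATED, ACCEPTED}, MITIGATED: {OPEN}, ACCEPTED: {OPEN}}


class ThreatRegister:
    def __init__(self):
        self._threats = {}    # id -> current record
        self._history = []    # every change as (event, record copy), oldest first
        self.snapshots = []   # (version number, sha256 of the content)

    def add(self, tid, title, stride, asset):
        if tid in self._threats:
            raise ValueError(f"{tid} already exists; change its status instead")
        rec = {"id": tid, "title": title, "stride": stride,
               "asset": asset, "status": OPEN, "note": ""}
        self._threats[tid] = rec
        self._history.append(("add", deepcopy(rec)))

    def set_status(self, tid, status, note):
        """Move a threat between states; the record itself is never removed."""
        rec = self._threats[tid]
        if status not in ALLOWED[rec["status"]]:
            raise ValueError(f"{rec['status']} -> {status} is not allowed")
        rec["status"], rec["note"] = status, note
        self._history.append(("status", deepcopy(rec)))

    def delete(self, tid):
        # Deliberately unsupported: "once a threat, always a threat".
        raise NotImplementedError("threats are history; mark them mitigated")

    def snapshot(self):
        """Freeze the current content as the next version number."""
        body = json.dumps(sorted(self._threats.values(), key=lambda r: r["id"]),
                          sort_keys=True).encode()
        digest = hashlib.sha256(body).hexdigest()
        version = len(self.snapshots) + 1
        self.snapshots.append((version, digest))
        return version, digest

    def test_plan(self):
        """One test item per open threat: QA tests against identified threats."""
        return [f"TEST-{r['id']}: verify {r['asset']} resists {r['stride']}: {r['title']}"
                for r in self._threats.values() if r["status"] == OPEN]

    def history(self):
        return list(self._history)


def demo():
    """Constructed walkthrough: two threats, a snapshot, a mitigation, a snapshot."""
    reg = ThreatRegister()
    reg.add("T1", "session token replay", "Spoofing", "login session")
    reg.add("T2", "log lacks user id", "Repudiation", "audit log")
    v1, _ = reg.snapshot()
    reg.set_status("T1", MITIGATED, "token bound to client TLS session")
    v2, _ = reg.snapshot()
    return reg, v1, v2


if __name__ == "__main__":
    register, first, second = demo()
    print(f"versions {first} and {second}; open tests: {register.test_plan()}")
```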
26. Questions!

27. Thank you
rzigweid@ioactive.com