Threat modeling is the practice of conceptualizing your organization’s worst security fears and how to prevent or mitigate the effects of threats to your system. Top vulnerabilities must be identified, enumerated, and prioritized—all from the point of view of your hypothetical attackers.
You’re Already Doing Threat Modeling.
Whether it is buckling your seatbelt when you get in your car or turning on your alarm system before you leave your house, you’re already engaging in some form of threat modeling.
Every organization is a target. Threat modeling is a way of realistically viewing a high-risk situation and how you would circumvent it (see example of threats in Figure 1 below). So if the situation should ever manifest, your organization knows the next steps to take and isn’t left helpless or scrambling to act as the smoke clears.
How Do You Start?
Begin with a diagram, similar to the example below, that includes data flows, internal and external processes, and identified trust boundaries. You’ll need to balance the level of detail with enough information to understand a system’s purpose (but without going too deep into specifics of port numbers or variable names).
Identify vulnerabilities and threat actors
You can search for applicable threats by identifying potential threat actors, building attack trees, creating attack scenarios, or playing the card game “Elevation of Privilege” (EoP).
Identify defensive capabilities
From there, evaluate the model across separate teams (design, engineering, operations, support). Ask questions like: “What did we miss? Is the response valid? Did we file a ticket/bug/action item for each mitigation?”
Determine risk score
“What is our highest priority?” Be objective and realistic.
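The steps above, as a small added Python example that is not from the Bishop Fox page: elements sit in trust zones, data flows connect them, every flow that crosses a trust boundary is checked against the STRIDE categories the Elevation of Privilege game is built around, and a likelihood-times-impact score ranks the result. The element names, scores and mitigation strings are constructed, and the STRIDE-to-control mapping is an assumption.

```python
from dataclasses import dataclass
# STRIDE categories (what the EoP card game is built around), each with an assumed generic control
STRIDE = {
    "Spoofing": "authenticate both ends of the flow",
    "Tampering": "integrity-protect the data in transit",
    "Repudiation": "log the action with a trustworthy timestamp",
    "Information disclosure": "encrypt in transit and send only what is needed",
    "Denial of service": "rate-limit and bound resource use",
    "Elevation of privilege": "authorise every request on the receiving side",
}
@dataclass
class Element:
    name: str
    zone: str  # trust zone such as "internet", "dmz" or "internal"

@dataclass
class Flow:
    src: Element
    dst: Element
    data: str
    likelihood: int  # 1 (rare) .. 5 (expected)
    impact: int      # 1 (minor) .. 5 (severe)
    def crosses_boundary(self) -> bool:
        # A flow between two different trust zones crosses a trust boundary
        return self.src.zone != self.dst.zone

@dataclass
class Threat:
    flow: Flow
    category: str
    mitigation: str
    score: int  # likelihood x impact, used to rank what to fix first

def enumerate_threats(flows):
    """Apply every STRIDE category to each boundary-crossing flow and return
    the resulting threats ranked by risk score, highest first."""
    threats = [Threat(f, cat, fix, f.likelihood * f.impact)
               for f in flows if f.crosses_boundary()
               for cat, fix in STRIDE.items()]
    return sorted(threats, key=lambda t: t.score, reverse=True)

# Constructed sample diagram: four elements in three trust zones, three flows
browser, api = Element("browser", "internet"), Element("api", "dmz")
db, worker = Element("orders db", "internal"), Element("batch worker", "internal")
FLOWS = [Flow(browser, api, "login credentials", 5, 5),
         Flow(api, db, "order records", 2, 4),
         Flow(worker, db, "nightly reindex", 1, 1)]  # same zone: no boundary

for t in enumerate_threats(FLOWS):
    print(f"{t.score:2d} {t.category:<24} {t.flow.src.name}->{t.flow.dst.name}: {t.mitigation}")
```

Each printed line is a candidate ticket; the worker-to-database flow produces none because both ends share a trust zone.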
Where Does Threat Modeling Fall into My Cybersecurity Program?
Threat modeling isn’t necessarily a first step, but it is a preliminary step. The image below illustrates when to best conduct threat modeling.
What Else Should I Know?
Your first few attempts might be rough, but with time, you will improve at thinking of the threats to your security from a holistic perspective and considering every aspect of the equation. You will eventually become aware of threats you never previously considered and become adept at addressing threats before they escalate into security events or incidents.