Application security is a multilayered approach that requires a combination of technical controls, secure development practices, user awareness, and proactive monitoring. It should be considered at the earliest stage of the software development lifecycle. Threat modelling gathers the information that affects an application’s security, organizes it into a structured representation, and uses that representation to define effective countermeasures that mitigate or thwart the identified threats.
Threat modelling can be done at any stage of the development lifecycle. However, doing it early is more beneficial, because it improves the ability to handle security risks that stem from the application’s design. Below are the key advantages of threat modelling.
- Early identification of security risks
- Improved security posture
- Cost-effective security improvements
- Integration with the development process
- Compliance with regulations and standards
- Enhanced collaboration
- Risk-based decision making
- Scalability and adaptability
Application Threat Modeling During Requirements Phase
- Understand the business requirements: Thoroughly understand the intended functionality, purpose, and business objectives of the application. Collaborate with stakeholders to identify its desired features and functionality.
- Identify and prioritize security requirements: Identify the security requirements the application must incorporate. These should align with security policies, industry best practices, and regulatory standards. Prioritize them by their criticality and their impact on the overall security posture.
- Identify potential threats and risks: Analyze the threats and risks the application may face based on its intended functionality and assets. Consider both internal and external threats, and document each threat and the danger it poses.
- Map security controls to requirements: Identify the security controls or measures that address the identified threats and risks. Match each control to its corresponding security requirement, ensuring the application’s security objectives are met.
- Document security-related assumptions: Record the assumptions made during analysis. Assumptions can concern the application’s security controls, external dependencies, user behaviours, and so on. Documenting them ensures that everyone involved shares the same understanding of the application’s security assumptions.
- Validate requirements with stakeholders: Engage the relevant stakeholders to validate the identified security requirements. Seek input and feedback to ensure that the requirements are comprehensive, feasible, and aligned with the project goals.
- Iterative refinement: Refine the threat model as the requirements evolve throughout the development lifecycle. Review and update it periodically to incorporate changes in the application’s scope, functionality, or external factors. This iterative approach keeps the threat model relevant and current throughout the requirements phase.
Threat Modeling Process
- Application Identification: Document the name of the application, its source, and its purpose.
- Define Common Usage: Document the key usage scenarios for the application and the user types.
- Define User Roles: Document the user roles required for access control and the privileges assigned. This will help make the roles and privileges clear and understandable.
- Technologies Used: Document the technologies and features used in the application.
- Identify External Dependencies: List external dependencies, such as other computer systems, databases and external data feeds.
- Enumerate Security Assumptions: Record the security assumptions about the application’s operating environment on which its secure operation depends.
- Identify Entry Points: The external interfaces of the modelled system are the locations where it provides or gathers data on behalf of an external entity.
- Construct Data Flow Diagrams (DFDs): These diagrams show external entities, processes, data stores, data flows, and boundaries.
- Threat Identification: List the threats to processes, data stores, data flows and external entities.
- Risk Determination
- Mitigation Identification
- Validation
E Com Security Solutions’ Application Security offering helps organisations with cyber capabilities and solutions focused on the security and resilience of enterprise applications. This includes embedding security, controls and resilience as a part of the system development lifecycle from requirements to ongoing maintenance. The scope of applications includes large enterprise software packages, customized enterprise applications, and consumer-facing applications. We assist clients with governance, culture and skills to embed security into development processes, including agile or waterfall, and provide methods and tools to build and test application security (threat modelling, design review, application controls, pen testing, SAST, DAST, etc.), and the integration of toolchains for software developers.