Security mechanisms such as firewalls and intrusion detection systems may protect the network layer, but application-level threats and vulnerabilities are often neither stopped nor detected by them. Threat modelling aims to improve application security by analyzing potential threats, identifying countermeasures, and reducing the number of vulnerabilities that reach production. A good balance between security and usability is necessary. The key stages of threat modelling are listed below:

Diagram

  • Define the scope of the threat model.
  • Understand the application being developed:
    • how the software works,
    • the context in which the software will be used,
    • who will be using the software.
  • Create Data Flow Diagrams (DFD), which include:
    • External Entities (interacting entities outside the application),
    • Processes (tasks that handle data within the application or perform actions based on data),
    • Data Stores (the locations where data is stored),
    • Data Flows (movement of data within the application),
    • Trust Boundaries (the points where the trust level changes as data flows through the application).
  • Identify the application’s attack surfaces and build a foundation for threat analysis.

Identify Threats

  • Focus on identifying potential threats to the application utilizing the diagrams created during the first stage.
  • STRIDE: a classification of software security threats into spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege.
  • Cyber Kill Chain for assessing and preventing threats: identify the techniques and procedures adversaries use in an attack, namely Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, and Actions on Objectives.
  • CAPEC (Common Attack Pattern Enumeration and Classification): a dictionary of known attack patterns adversaries use.

Mitigate

  • Apply appropriate secure design strategies and leverage security best practices for your organization and its security objectives:
    • strong authentication,
    • proper input validation,
    • audit logging,
    • strong encryption,
    • limiting resource consumption with resource quotas,
    • proper authorization methods and least privilege.
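As an added illustration of the Diagram, Identify Threats and Mitigate stages (example code written for this page, not E Com Security Solutions' tooling), the Python below models a constructed three-tier web application as DFD elements with trust zones, applies the STRIDE-per-element table to every element and data flow, ranks threats on flows that cross a trust boundary first, and maps each STRIDE category to the mitigation class from the list above. The element names, trust zones and the STRIDE-per-element applicability table are assumptions chosen for the example and do not come from the page.

```python
"""Toy threat-modelling helper: DFD elements, STRIDE-per-element, mitigations.

Added example, not the page's own tooling. The STRIDE-per-element table is the
commonly used one (external entity: S, R; process: all six; data store: T, R,
I, D; data flow: T, I, D). The sample application and its trust zones are
constructed for the example.
"""
from dataclasses import dataclass
from enum import Enum


class Kind(Enum):
    EXTERNAL_ENTITY = "external entity"
    PROCESS = "process"
    DATA_STORE = "data store"


# STRIDE code -> (category name, mitigation class from the Mitigate list above).
STRIDE = {
    "S": ("Spoofing", "Strong authentication"),
    "T": ("Tampering", "Proper input validation"),
    "R": ("Repudiation", "Audit logging"),
    "I": ("Information disclosure", "Strong encryption"),
    "D": ("Denial of service", "Resource quotas"),
    "E": ("Elevation of privilege", "Proper authorization and least privilege"),
}

# STRIDE-per-element: which categories apply to each DFD element type
# (assumed table; R on a data store matters where the store holds audit logs).
APPLICABLE = {
    Kind.EXTERNAL_ENTITY: "SR",
    Kind.PROCESS: "STRIDE",
    Kind.DATA_STORE: "TRID",
}
FLOW_APPLICABLE = "TID"


@dataclass(frozen=True)
class Element:
    name: str
    kind: Kind
    zone: str  # trust zone; a flow between two zones crosses a trust boundary


@dataclass(frozen=True)
class Flow:
    source: Element
    dest: Element
    data: str

    def crosses_boundary(self) -> bool:
        return self.source.zone != self.dest.zone


@dataclass(frozen=True)
class Threat:
    target: str
    category: str
    mitigation: str
    crosses_boundary: bool


def enumerate_threats(elements, flows):
    """Apply the STRIDE-per-element table to every element and flow."""
    threats = []
    for e in elements:
        for code in APPLICABLE[e.kind]:
            name, mitigation = STRIDE[code]
            threats.append(Threat(f"{e.kind.value} '{e.name}'", name, mitigation, False))
    for f in flows:
        target = f"flow '{f.data}' {f.source.name} -> {f.dest.name}"
        for code in FLOW_APPLICABLE:
            name, mitigation = STRIDE[code]
            threats.append(Threat(target, name, mitigation, f.crosses_boundary()))
    return threats


def prioritise(threats):
    """Boundary-crossing flows first: that is where the trust level changes."""
    return sorted(threats, key=lambda t: (not t.crosses_boundary, t.target, t.category))


def mitigation_plan(threats):
    """Group threatened targets under the mitigation class that addresses them."""
    plan = {}
    for t in threats:
        plan.setdefault(t.mitigation, set()).add(t.target)
    return {m: sorted(targets) for m, targets in plan.items()}


def build_sample_model():
    """Constructed three-tier web application spanning three trust zones."""
    browser = Element("customer browser", Kind.EXTERNAL_ENTITY, "internet")
    web = Element("web app", Kind.PROCESS, "dmz")
    db = Element("orders db", Kind.DATA_STORE, "internal")
    flows = [
        Flow(browser, web, "login credentials"),
        Flow(web, db, "order query"),
        Flow(db, web, "order records"),
    ]
    return [browser, web, db], flows


if __name__ == "__main__":
    elements, flows = build_sample_model()
    for t in prioritise(enumerate_threats(elements, flows)):
        marker = "[boundary] " if t.crosses_boundary else ""
        print(f"{marker}{t.target}: {t.category} -> {t.mitigation}")
```

Running the script lists 21 candidate threats for the sample model; the nine on flows that cross a trust boundary come first, and `mitigation_plan` shows which targets each control class from the Mitigate list would have to cover. In a real exercise the generated list is a starting point that the team reviews, discards where a threat is not applicable, and annotates with the chosen countermeasure.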

Validate

  • Review the quality of the research and actions taken, the feasibility of the proposed mitigations, the progress made, and alignment with plans; document the findings.
  • Involve application architects, developers, security assessment teams, quality assurance teams, and other stakeholders in the validation.

E Com Security Solutions’ Application Security offering helps organisations with cyber capabilities and solutions focused on the security and resilience of enterprise applications. This includes embedding security, controls and resilience as a part of the system development lifecycle from requirements to ongoing maintenance. The scope of applications includes large enterprise software packages, customized enterprise applications, and consumer-facing applications. We assist clients with governance, culture and skills to embed security into development processes, including agile or waterfall, and provide methods and tools to build and test application security (threat modelling, design review, application controls, pen testing, SAST, DAST, etc.), and the integration of toolchains for software developers.