This post—9 benefits of Threat Modeling—is the second in a series to educate those who are interested in having their first experience with Threat Modeling. The previous post can be found here.
Intro to Threat Modeling Part 2
9 Benefits of Threat Modeling
This is the second post in our Threat Modeling (TM) series. The series is meant to provide basic information about the practice, why we love it, and how it can make your organization more secure. Check out our previous post here: What is Threat Modeling?
These are the benefits you get from Threat Modeling your application or other system during the design phase:
- Agreement on design: All parties are around the table, reviewing the system’s design. Any disagreement about how things (should) work can easily arise and be solved. People often have very different understandings of the critical system processes in place. This can be aligned easily with Threat Modeling.
- Completeness of vision: A Threat Model provides a high-level view of the system. Analysis can go in-depth as needed. This top-down approach ensures that people understand the whole system and all its links.
- Shared security vision: Instead of just pointing out problems, as the typical penetration test does, Threat Modeling provides agreement on handling security. It aligns your system’s security with the organization’s security policy.
- Flaw prevention: Obviously, we assume you are doing Threat Modeling during the design phase. Threat Modeling will show flaws that could become vulnerabilities early in the process. Preventing problems is cheap — solving them after the fact is not!
- Risk control: Threat Modeling discovers flaws and helps calculate risk. This means you can prioritize mitigations and manage risk in the system according to the organization’s policies.
- Development priorities: Once risk is identified and quantified, it becomes easier to prioritize development to address the highest risk first. Risk becomes a factor in planning the development of your system.
- Penetration test planning: A Threat Model data flow diagram easily shows the weak spots in your design or the points where pressure might compromise the system. Those are great areas to designate for penetration testing. In large systems, penetration testing becomes more targeted, efficient, and therefore more economical (you can save money!).
- Proof of ‘Security-by-Design’: Threat Modeling is the best way to show you have considered security and privacy during the design of your system. This is truly Security-by-Design (and Privacy-by-Design).
- Proof of compliance: When you are audited for compliance or have to show a third party that you are on top of security and privacy, pull out your up-to-date Threat Model, and you’re good! Threat Models complement GDPR-related Data Protection Impact Assessments (DPIAs) particularly well for more complex systems.
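To make the “Risk control”, “Development priorities” and “Penetration test planning” benefits concrete, here is a small added example (not code from the original post or from Toreon) that keeps a threat model's data flow diagram as data: elements in trust zones, flows between them with a likelihood and impact rating, and the mitigations agreed for each flow. From that one model it derives two lists: the flows above the organisation's risk appetite, sorted so the highest risk is addressed first, and the flows that cross a trust boundary, which are the natural candidates for pentest scope. The system (browser, API, database, backup job), the 1–5 likelihood/impact scale, the risk appetite of 10 and every rating are constructed assumptions for illustration; the post prescribes no particular scoring method.

```python
"""Constructed threat-model bookkeeping over a data flow diagram (DFD)."""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "external", "process" or "datastore"
    zone: str   # trust zone; a flow between two zones crosses a trust boundary


@dataclass
class Flow:
    src: Element
    dst: Element
    data: str
    likelihood: int  # assumed scale: 1 (rare) .. 5 (almost certain)
    impact: int      # assumed scale: 1 (negligible) .. 5 (severe)
    mitigations: list[str] = field(default_factory=list)

    def crosses_boundary(self) -> bool:
        """True when the flow leaves one trust zone for another."""
        return self.src.zone != self.dst.zone

    def risk(self) -> int:
        """Simple likelihood x impact score used for prioritisation."""
        return self.likelihood * self.impact


def prioritized(flows: list[Flow], appetite: int) -> list[Flow]:
    """Flows whose risk exceeds the organisation's appetite, highest first.

    This is the 'development priorities' list: mitigations for the
    top entries are planned before anything else.
    """
    return sorted(
        (f for f in flows if f.risk() > appetite),
        key=lambda f: (-f.risk(), f.data),
    )


def boundary_crossing_flows(flows: list[Flow]) -> list[Flow]:
    """Flows that cross a trust boundary: the candidates for pentest scope."""
    return [f for f in flows if f.crosses_boundary()]


def pentest_scope(flows: list[Flow]) -> list[str]:
    """Human-readable scope lines handed to the penetration test team."""
    return [
        f"{f.src.name} -> {f.dst.name} ({f.data})"
        for f in boundary_crossing_flows(flows)
    ]


# Constructed sample system: three trust zones, four data flows.
BROWSER = Element("Browser", "external", "internet")
API = Element("API", "process", "dmz")
DB = Element("Database", "datastore", "internal")
BACKUP = Element("Backup job", "process", "internal")

MODEL_FLOWS = [
    Flow(BROWSER, API, "login credentials", likelihood=4, impact=5,
         mitigations=["TLS", "rate limiting", "MFA"]),
    Flow(API, BROWSER, "session token", likelihood=3, impact=4,
         mitigations=["HttpOnly+Secure cookie", "short expiry"]),
    Flow(API, DB, "SQL query", likelihood=3, impact=5,
         mitigations=["parameterised queries", "least-privilege DB account"]),
    Flow(DB, BACKUP, "nightly dump", likelihood=2, impact=4,
         mitigations=["encrypted backup volume"]),
]

RISK_APPETITE = 10  # assumed organisational threshold


if __name__ == "__main__":
    print("Mitigation priorities (risk > appetite):")
    for f in prioritized(MODEL_FLOWS, RISK_APPETITE):
        print(f"  {f.risk():2d}  {f.src.name} -> {f.dst.name}: {f.data}; "
              f"planned: {', '.join(f.mitigations)}")
    print("Pentest scope (trust-boundary crossings):")
    for line in pentest_scope(MODEL_FLOWS):
        print(f"  {line}")
```

The same model answers both questions the post raises: the sorted risk list tells development what to fix first, and the boundary-crossing list gives the pentest a focused scope instead of the whole system. Swapping in a different scoring scheme only means replacing `risk()`; the rest of the bookkeeping stays the same.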
That’s it. Do you need more reasons to do Threat Modeling?
Please read about our Threat Modeling practice or get trained yourself.
Want to experience these benefits in your own organisation?
Our Threat Modeling learning platform combines a free Threat Modeling Introduction Course with the Threat Modeling Insider community. You learn the basics step by step and connect with others who use threat modeling to improve product security and privacy by design.
Discover the course and community here: https://training.toreon.com/
Read our next post, ‘Threat Modeling versus Pentesting’.