Written by Sebastien Deleersnyder
Welcome
Hi there, we’re glad you are reading our first edition of the Threat Modeling Insider. With this newsletter, we promise you’ll receive valuable and curated content about threat modeling that will help you bootstrap or elevate your security knowledge and skills.
This first edition of “TMI” features:
- A guest article by Adam Shostack
- Our threat modeling tip of the month
- A free threat modeling guide
- Curated articles from Bruce Schneier and Avi Douglen
- Updates on upcoming Toreon trainings
STRIDE’s 20th anniversary
Guest article by Adam Shostack
We’re at an exciting inflection point for threat modeling. Next month marks the 20th anniversary of the STRIDE model of threats. STRIDE was the first technique that guided threat analysis. (Attack trees, which are earlier, help to structure it, but don’t provide guidance.)
We’ve seen threat modeling evolve from an expert-only activity, acquired by apprenticeship and driven by exhortations like “think like an attacker” to become a discipline non-experts can apply.
We have ways to discuss threat models (attacker-centric vs software-centric). We have a Cambrian explosion of tool concepts: Microsoft’s Threat Modeling Tool, an IDE for threat modeling; Tutamen’s microservices; Continuum’s enterprise IriusRisk; PyTM’s threat models in the code; my own Elevation of Privilege card deck, with privacy variants and Alexa skills, and more, too numerous to name.
We have frameworks that allow us to compare methods and evolve them.
We have threat modeling tracks at conferences like the Open Security Summit, a discipline that didn’t exist 20 years ago. We have active communities at OWASP, I Am The Cavalry and elsewhere. We have people whose job title includes the words “threat modeling.”
We have government regulators who want security to be systematic, structured and comprehensive, and I don’t know how to do that without threat modeling.
When I wrote my book, I was able to survey almost everything written on the subject. That chapter ended up, appropriately, on the cutting room floor. (It didn’t deliver enough to the general reader.) It was a manageable task because there just wasn’t that much. Today, when I teach, my students bring me new approaches, new techniques and new tools. They bring threat modeling to new domains and new technologies, and they solve problems.
Today, Toreon sees enough interest and activity to set up a monthly newsletter.
It’s an exciting time, and we ain’t seen nothing yet.
Free Toreon Whiteboard Hacking survival guide
- Identify what you are building with data flow diagrams
- Discover threats with STRIDE
- Recommend standard mitigations
- Calculate risks of discovered design vulnerabilities
The guide is available as a free direct download.
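The four steps of the guide, carried through in code: model the system as DFD elements, derive threats per element with STRIDE, attach a standard mitigation to each threat category, and rank the result by a simple risk score. This is an added illustration, not code from the Toreon guide or from any tool mentioned on this page; the web-shop DFD, the impact scores and the likelihood heuristic (elements reachable across a trust boundary are assumed more likely to be attacked) are assumptions made for the example. The STRIDE-per-element table applied here is the usual one: external entities get S and R, processes get all six, data flows and stores get T, I and D, and a store that holds audit logs additionally gets R.

```python
"""STRIDE-per-element over a small data flow diagram (DFD).

Added example, not from the Toreon guide. The DFD elements, impact
scores and likelihood heuristic below are constructed for illustration.
"""
from dataclasses import dataclass

STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}

# STRIDE-per-element: which categories apply to which kind of DFD element.
# A data store is exposed to repudiation only when it holds audit logs,
# hence the separate "log_store" kind.
APPLICABLE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_flow": "TID",
    "data_store": "TID",
    "log_store": "TRID",
}

# Step 3 of the guide: one standard mitigation family per category.
MITIGATION = {
    "S": "authenticate principals (mutual TLS, signed tokens)",
    "T": "protect integrity (signatures/MACs, strict permissions, input validation)",
    "R": "keep tamper-evident audit logs with timestamps and identities",
    "I": "encrypt in transit and at rest; least-privilege access control",
    "D": "rate limits, quotas and resource isolation",
    "E": "authorize every request server-side; run with least privilege",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                  # key of APPLICABLE
    impact: int                # 1..5, value of what the element handles (assumed)
    crosses_boundary: bool = False  # reachable from a less trusted zone


@dataclass(frozen=True)
class Threat:
    element: str
    category: str
    likelihood: int
    impact: int
    mitigation: str

    @property
    def risk(self) -> int:
        # Step 4: risk as likelihood x impact, both on a 1..5 scale.
        return self.likelihood * self.impact


def likelihood(element: Element) -> int:
    # Assumed heuristic: exposure across a trust boundary raises likelihood.
    return 4 if element.crosses_boundary else 2


def enumerate_threats(elements):
    """Step 2: apply STRIDE-per-element and return threats sorted by risk."""
    threats = []
    for el in elements:
        if el.kind not in APPLICABLE:
            raise ValueError(f"unknown DFD element kind: {el.kind}")
        for letter in APPLICABLE[el.kind]:
            threats.append(Threat(el.name, STRIDE[letter], likelihood(el),
                                  el.impact, MITIGATION[letter]))
    return sorted(threats, key=lambda t: (-t.risk, t.element, t.category))


def top_risks(elements, n=3):
    """Highest-risk (element, category, risk) triples for a report."""
    return [(t.element, t.category, t.risk) for t in enumerate_threats(elements)[:n]]


# Step 1: a constructed DFD for a web shop; names and scores are assumptions.
EXAMPLE_DFD = [
    Element("Browser", "external_entity", impact=2, crosses_boundary=True),
    Element("Browser -> API (HTTPS)", "data_flow", impact=4, crosses_boundary=True),
    Element("Order API", "process", impact=4, crosses_boundary=True),
    Element("API -> Orders DB", "data_flow", impact=5),
    Element("Orders DB", "data_store", impact=5),
    Element("Audit log", "log_store", impact=3),
]

if __name__ == "__main__":
    for t in enumerate_threats(EXAMPLE_DFD):
        print(f"{t.risk:2d}  {t.element:<24} {t.category:<24} -> {t.mitigation}")
```

Running the module prints the 21 threats for the sample DFD, highest risk first; the boundary-crossing flow and the API process come out on top, which is the usual place to start the mitigation discussion on the whiteboard.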
Curated threat modeling content
Attack trees article, by Bruce Schneier
Value-driven threat modeling video, by Avi Douglen
Tip of the month
- Download and install draw.io for your operating system of choice
- Clone or download the GitHub repository
- Open the draw.io application and create a new blank diagram
- Click the File menu and then click Open Library…
- Navigate to where you put the GitHub repository and open one of the XML files
Want to learn more about Threat Modeling training? Contact us, so we can organize one in your neck of the woods.
We aim to make this a community driven newsletter and welcome your input or feedback.
If you have content or pointers for the next edition, please share them with us.
Kind regards,
Sebastien Deleersnyder
CEO, Toreon