Threat modelling

Transcript

1. THREAT MODELING DEVFEST17 - NOVEMBER 2017 WARREN GAVIN (@APOKRUPTO)

2. None

3. DANNY

4. None

5. WHAT YOU WANTED WHAT YOU WROTE THREAT MODELING - @APOKRUPTO

6. QUESTIONS THREAT MODELING - @APOKRUPTO

7. QUESTIONS THREAT MODELING - @APOKRUPTO WHY

8. QUESTIONS THREAT MODELING - @APOKRUPTO WHY WHO

9. QUESTIONS THREAT MODELING - @APOKRUPTO WHY WHO WHAT

10. QUESTIONS THREAT MODELING - @APOKRUPTO WHY WHO WHAT HOW

11. QUESTIONS THREAT MODELING - @APOKRUPTO WHY WHO WHAT HOW WHEN

12. None

13. TERRY

14. None

15. WHY? THREAT MODELING - @APOKRUPTO

16. WHY? THREAT MODELING - @APOKRUPTO BUILD A SECURE SYSTEM

17. None
18. None

19. WHY? THREAT MODELING - @APOKRUPTO BUILD A SECURE SYSTEM

20. WHY? THREAT MODELING - @APOKRUPTO BUILD A SECURE SYSTEM FOR

    A GIVEN VALUE OF ‘SECURE'

21. MEANWHILE

22. None

23. WH0? THREAT MODELING - @APOKRUPTO

24. WH0? THREAT MODELING - @APOKRUPTO EVERYONE

25. WH0? THREAT MODELING - @APOKRUPTO EVERYONE YOU DON’T NEED TO

    BE AN EXPERT

26. MEANWHILE

27. None

28. SAUL

29. None
30. None

31. WHAT? THREAT MODELING - @APOKRUPTO

32. WHAT? THREAT MODELING - @APOKRUPTO ASSETS

33. WHAT? THREAT MODELING - @APOKRUPTO ASSETS - DATA, CONFIDENTIAL INFORMATION

34. WHAT? THREAT MODELING - @APOKRUPTO ASSETS - DATA, CONFIDENTIAL INFORMATION

    - COMPANY REPUTATION

35. MEANWHILE

36. None
37. None
38. None

39. HOW? THREAT MODELING - @APOKRUPTO

40. HOW? THREAT MODELING - @APOKRUPTO PREDICTION IS VERY DIFFICULT, ESPECIALLY

    ABOUT THE FUTURE Niels Bohr

41. HOW? THREAT MODELING - @APOKRUPTO ANALYSE

42. HOW? THREAT MODELING - @APOKRUPTO ANALYSE DATA FLOW

43. HOW? THREAT MODELING - @APOKRUPTO ANALYSE DATA FLOW METHODOLOGY

44. HOW? THREAT MODELING - @APOKRUPTO ANALYSE DATA FLOW METHODOLOGY STRIDE

45. MEANWHILE

46. None
47. None

48. BRUISER

49. None

50. HOW? - DATA FLOW THREAT MODELING - @APOKRUPTO

51. THREAT MODELING - @APOKRUPTO PROCESS HOW? - DATA FLOW

52. THREAT MODELING - @APOKRUPTO PROCESS MULTI PROCESS HOW? - DATA

    FLOW

53. THREAT MODELING - @APOKRUPTO PROCESS MULTI PROCESS EXTERNAL ENTITY HOW?

    - DATA FLOW

54. THREAT MODELING - @APOKRUPTO PROCESS MULTI PROCESS DATA STORE EXTERNAL

    ENTITY HOW? - DATA FLOW

55. DATA FLOW THREAT MODELING - @APOKRUPTO PROCESS MULTI PROCESS DATA

    STORE EXTERNAL ENTITY HOW? - DATA FLOW

56. DATA FLOW THREAT MODELING - @APOKRUPTO PROCESS MULTI PROCESS DATA

    STORE TRUST BOUNDARY EXTERNAL ENTITY HOW? - DATA FLOW

57. THREAT MODELING - @APOKRUPTO DATA STORE USER HOW? - DATA

    FLOW

58. MEANWHILE

59. None
60. None

61. HOW? - STRIDE THREAT MODELING - @APOKRUPTO

62. THREAT MODELING - @APOKRUPTO SPOOFING HOW? - STRIDE

63. THREAT MODELING - @APOKRUPTO SPOOFING TAMPERING HOW? - STRIDE

64. THREAT MODELING - @APOKRUPTO SPOOFING TAMPERING REPUDIATION HOW? - STRIDE

65. THREAT MODELING - @APOKRUPTO INFORMATION DISCLOSURE HOW? - STRIDE

66. THREAT MODELING - @APOKRUPTO INFORMATION DISCLOSURE DENIAL OF SERVICE HOW?

    - STRIDE

67. THREAT MODELING - @APOKRUPTO INFORMATION DISCLOSURE DENIAL OF SERVICE ELEVATION

    OF PRIVILEGE HOW? - STRIDE

68. MEANWHILE

69. None
70. None

71. HOW? - STRIDE/ELEMENT THREAT MODELING - @APOKRUPTO

72. THREAT MODELING - @APOKRUPTO ENTITY: SR HOW? - STRIDE/ELEMENT

73. THREAT MODELING - @APOKRUPTO ENTITY: SR PROCESS: STRIDE HOW? -

    STRIDE/ELEMENT

74. THREAT MODELING - @APOKRUPTO ENTITY: SR PROCESS: STRIDE DATA STORE:

    TRID HOW? - STRIDE/ELEMENT

75. THREAT MODELING - @APOKRUPTO ENTITY: SR PROCESS: STRIDE DATA STORE:

    TRID DATA FLOW: TID HOW? - STRIDE/ELEMENT

76. MEANWHILE

77. None
78. None

79. THREAT MODELING - @APOKRUPTO HOW? - QUANTIFY

80. THREAT MODELING - @APOKRUPTO DAMAGE HOW? - QUANTIFY

81. THREAT MODELING - @APOKRUPTO DAMAGE REPRODUCIBILITY HOW? - QUANTIFY

82. THREAT MODELING - @APOKRUPTO DAMAGE REPRODUCIBILITY EXPLOITABILITY HOW? - QUANTIFY

83. THREAT MODELING - @APOKRUPTO DAMAGE REPRODUCIBILITY EXPLOITABILITY AFFECTED USERS HOW?

    - QUANTIFY

84. THREAT MODELING - @APOKRUPTO DAMAGE REPRODUCIBILITY EXPLOITABILITY AFFECTED USERS DISCOVERABILITY

    HOW? - QUANTIFY

85. DREAD

86. MEANWHILE

87. None

88. THREAT MITIGATION THREAT MODELING - @APOKRUPTO

89. THREAT MODELING - @APOKRUPTO A THREAT WITH NO MITIGATION IS

    A VULNERABILITY THREAT MITIGATION

90. THREAT MITIGATION THREAT MODELING - @APOKRUPTO

91. THREAT MITIGATION THREAT MODELING - @APOKRUPTO REDESIGN

92. THREAT MITIGATION THREAT MODELING - @APOKRUPTO REDESIGN STANDARD MITIGATION

93. THREAT MITIGATION THREAT MODELING - @APOKRUPTO REDESIGN STANDARD MITIGATION CUSTOM

    MITIGATION

94. THREAT MITIGATION THREAT MODELING - @APOKRUPTO REDESIGN STANDARD MITIGATION CUSTOM

    MITIGATION ACCEPT

95. THREAT MITIGATION THREAT MODELING - @APOKRUPTO AUTHENTICATION

96. THREAT MODELING - @APOKRUPTO AUTHENTICATION INTEGRITY CHECKS THREAT MITIGATION

97. THREAT MODELING - @APOKRUPTO AUTHENTICATION INTEGRITY CHECKS NON-REPUDIATION THREAT MITIGATION

98. THREAT MODELING - @APOKRUPTO CONFIDENTIALITY THREAT MITIGATION

99. THREAT MODELING - @APOKRUPTO CONFIDENTIALITY AVAILABILITY THREAT MITIGATION

100. THREAT MODELING - @APOKRUPTO CONFIDENTIALITY AVAILABILITY AUTHORISATION THREAT MITIGATION

101. TERRY’S THREAT MODEL

102. None

103. SPOOFING

104. None

105. TAMPERING

106. None

107. REPUDIATION

108. None

109. INFORMATION DISCLOSURE

110. None

111. DENIAL OF SERVICE

112. None

113. ELEVATION OF PRIVILEGE

114. WHEN? THREAT MODELING - @APOKRUPTO

115. WHEN? THREAT MODELING - @APOKRUPTO AT DESIGN TIME IS BEST

116. WHEN? THREAT MODELING - @APOKRUPTO AT DESIGN TIME IS BEST

     BUT KEEP RE-EVALUATING

117. WHEN? THREAT MODELING - @APOKRUPTO AT DESIGN TIME IS BEST

     BUT KEEP RE-EVALUATING IT’S NEVER TOO LATE

118. WHEN? THREAT MODELING - @APOKRUPTO AT DESIGN TIME IS BEST

     BUT KEEP RE-EVALUATING IT’S NEVER TOO LATE UNLESS IT’S TOO LATE
119. None

120. TERRY

121. IDIOT

122. DON’T BE A TERRY

123. OBLIGATORY THANK YOU SLIDE THREAT MODELING - @APOKRUPTO