An introduction to threat modelling for your project.
THREAT MODELING
DEVFEST17 - NOVEMBER 2017
WARREN GAVIN (@APOKRUPTO)
DANNY
WHAT YOU WANTED / WHAT YOU WROTE

QUESTIONS
WHY
WHO
WHAT
HOW
WHEN
TERRY
WHY?
BUILD A SECURE SYSTEM
FOR A GIVEN VALUE OF 'SECURE'
MEANWHILE
WHO?
EVERYONE
YOU DON'T NEED TO BE AN EXPERT
SAUL
WHAT?
ASSETS
- DATA, CONFIDENTIAL INFORMATION
- COMPANY REPUTATION
HOW?
"PREDICTION IS VERY DIFFICULT, ESPECIALLY ABOUT THE FUTURE" - Niels Bohr

HOW?
ANALYSE
DATA FLOW
METHODOLOGY
STRIDE
BRUISER
HOW? - DATA FLOW
PROCESS
MULTIPROCESS
EXTERNAL ENTITY
DATA STORE
DATA FLOW
TRUST BOUNDARY

HOW? - DATA FLOW
[example diagram: USER, DATA STORE]
HOW? - STRIDE
SPOOFING
TAMPERING
REPUDIATION
INFORMATION DISCLOSURE
DENIAL OF SERVICE
ELEVATION OF PRIVILEGE
HOW? - STRIDE/ELEMENT
ENTITY: SR (SPOOFING, REPUDIATION)
PROCESS: STRIDE (ALL SIX)
DATA STORE: TRID (TAMPERING, REPUDIATION, INFORMATION DISCLOSURE, DENIAL OF SERVICE)
DATA FLOW: TID (TAMPERING, INFORMATION DISCLOSURE, DENIAL OF SERVICE)
HOW? - QUANTIFY
DAMAGE
REPRODUCIBILITY
EXPLOITABILITY
AFFECTED USERS
DISCOVERABILITY
= DREAD
THREAT MITIGATION
A THREAT WITH NO MITIGATION IS A VULNERABILITY

THREAT MITIGATION
REDESIGN
STANDARD MITIGATION
CUSTOM MITIGATION
ACCEPT
THREAT MITIGATION (STANDARD MITIGATION PER STRIDE CATEGORY)
AUTHENTICATION (SPOOFING)
INTEGRITY CHECKS (TAMPERING)
NON-REPUDIATION (REPUDIATION)
CONFIDENTIALITY (INFORMATION DISCLOSURE)
AVAILABILITY (DENIAL OF SERVICE)
AUTHORISATION (ELEVATION OF PRIVILEGE)
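The slides above cover three steps that are usually done by hand in a spreadsheet: apply the STRIDE-per-element table to every node and flow of the data-flow diagram, score each threat with DREAD, and record a mitigation (or an explicit accept) for every threat so that none is left as a vulnerability. The script below is an added example that does all three for a small constructed model; it is not code from the talk. The three-element diagram (a user, a web app, a user database), its trust zones, the DREAD ratings and the 0-10 scale per factor are all assumptions made for the illustration.

```python
"""STRIDE-per-element enumeration, DREAD ranking and mitigation choice.

Added example for this deck, not the speaker's code. The three-element
data-flow diagram in example_model() is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# STRIDE-per-element, as on the "HOW? - STRIDE/ELEMENT" slides.
STRIDE_PER_ELEMENT = {
    "entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}

# Standard mitigation for each STRIDE category ("THREAT MITIGATION" slides).
STANDARD_MITIGATION = {
    "S": "Authentication",
    "T": "Integrity checks",
    "R": "Non-repudiation",
    "I": "Confidentiality",
    "D": "Availability",
    "E": "Authorisation",
}

Threat = Tuple[str, str]  # (element or flow name, STRIDE letter)


@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # entity | process | data_store
    zone: str  # trust zone; a flow between two zones crosses a trust boundary


@dataclass(frozen=True)
class Flow:
    name: str
    src: Element
    dst: Element

    def crosses_boundary(self) -> bool:
        return self.src.zone != self.dst.zone


def enumerate_threats(elements: List[Element], flows: List[Flow]) -> List[Threat]:
    """Apply the STRIDE-per-element table to every node and every data flow."""
    threats = [(e.name, c) for e in elements for c in STRIDE_PER_ELEMENT[e.kind]]
    threats += [(f.name, c) for f in flows for c in STRIDE_PER_ELEMENT["data_flow"]]
    return threats


def dread(damage: int, reproducibility: int, exploitability: int,
          affected_users: int, discoverability: int) -> float:
    """Mean of the five DREAD factors; the 0-10 scale per factor is assumed."""
    factors = (damage, reproducibility, exploitability, affected_users, discoverability)
    if any(not 0 <= f <= 10 for f in factors):
        raise ValueError("each DREAD factor must be in 0..10")
    return sum(factors) / 5


def rank(threats: List[Threat],
         scores: Dict[Threat, Tuple[int, int, int, int, int]],
         decisions: Optional[Dict[Threat, str]] = None) -> List[dict]:
    """Order threats by DREAD, highest first. Threats nobody has scored sort
    to the top so they are not forgotten. A threat with no mitigation is a
    vulnerability, so every row gets a disposition: the standard mitigation
    for its category unless 'redesign', 'custom' or 'accept' was recorded."""
    decisions = decisions or {}
    rows = []
    for threat in threats:
        element, category = threat
        score = dread(*scores[threat]) if threat in scores else None
        rows.append({"element": element, "category": category, "score": score,
                     "mitigation": decisions.get(threat, STANDARD_MITIGATION[category])})
    rows.sort(key=lambda r: (r["score"] is not None, -(r["score"] or 0.0)))
    return rows


def example_model() -> Tuple[List[Element], List[Flow]]:
    """Constructed DFD: a browser user, a web app and its user database."""
    user = Element("user", "entity", "internet")
    app = Element("web app", "process", "dmz")
    db = Element("user db", "data_store", "internal")
    return [user, app, db], [Flow("login request", user, app), Flow("sql query", app, db)]


if __name__ == "__main__":
    elements, flows = example_model()
    crossing = {f.name for f in flows if f.crosses_boundary()}  # mark boundary-crossing flows
    scores = {("login request", "I"): (8, 9, 7, 9, 8),   # constructed ratings
              ("user db", "I"): (10, 5, 4, 10, 3)}
    for row in rank(enumerate_threats(elements, flows), scores, {("user", "R"): "accept"}):
        mark = "*" if row["element"] in crossing else " "
        print(f"{str(row['score']):>5} {mark} {row['element']:<14}{row['category']}  -> {row['mitigation']}")
```

Run as a script it prints the backlog with unscored threats first and an asterisk on every flow that crosses a trust boundary; those are the entries to review first, since the slides' point is that a threat without a recorded mitigation is a vulnerability, and a flow between trust zones is where tampering and disclosure matter most.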
TERRY'S THREAT MODEL
SPOOFING
TAMPERING
REPUDIATION
INFORMATION DISCLOSURE
DENIAL OF SERVICE
ELEVATION OF PRIVILEGE
WHEN?
AT DESIGN TIME IS BEST
BUT KEEP RE-EVALUATING
IT'S NEVER TOO LATE
UNLESS IT'S TOO LATE
IDIOT
DON'T BE A TERRY

OBLIGATORY THANK YOU SLIDE