Secure by design: introduction to threat modeling

An introduction to threat modeling and some ideas on how to integrate it into your teams.

Jérémy Courtial

June 20, 2018

Transcript

  1. TLS handshake diagram (Client / Server):
     - client hello: TLS versions, cipher suites, …
     - server hello: selected version/cipher, certificate, …
     - Client: verify certificate, parameters; encrypt using public key
     - client key exchange: encrypted pre-master key
     - Server: decrypt using private key
  2. STRIDE: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege
  3. Publisher, Broker, Subscriber
     - What: Tampering
     - How: Unsecured persistence mechanism
     - Strategy: Accept risk? Redesign: disable persistence? Mitigate: set up system-level protections? Mitigate: encrypt end-to-end?
  4. Schedule a 4-hour meeting. Invite half the devs, half the ops and some people with long titles. Have them produce a 20-page-long threat model.
  5. Not a threat modeling meeting per se… more like « Hey! While we’re all here … » Parasite-security
  6. Use HSTS. Must be HTTPS-only. Store secrets inside Vault. Have anti-CSRF mechanism. … See Spring-Security?
  7. Questions? Thank you. To win! Icons created by Tomas Knopp, Edwin Prayogi M and Dima Lagunov from thenounproject.com