Real-world Threat Modeling

Slide 1

Slide 1 text

Real-world Threat Modeling 17-19 July 2024 • Berlin, Germany WeAreDevelopers World Congress 2024 The world’s leading event for developers

Slide 2

Slide 2 text

Readme! Ali Yazdani ● +10 years of security experience ● Principal Security Engineer @ ● OWASP DevSecOps Guideline Project Lead asecurityengineer.com @asecengineer linkedin.com/in/aliyazdani

Slide 3

Slide 3 text

Intro!

Slide 4

Slide 4 text

Shift-Left journey

Slide 5

Slide 5 text

The basics of Threat Modeling What is Threat Modeling? What is the goal? Why we need Threat Modeling?

Slide 6

Slide 6 text

Threat Modeling in Cycle

Slide 7

Slide 7 text

Threat Modeling Terminologies ● Weakness: A software defect or bug. ● Vulnerability: A weakness that can be exploited. ● Attack: Exploitation of vulnerabilities. ○ Target: The goal of the attack. ● Attack Surface: The attack surface is everything that can be attacked. ● Risk: Impact and likelihood of a threat being exploited (Risk = Impact x Likelihood). ● Impact: Size of negative consequences that each risk brings. ● Likelihood: Probability of a risk to happen. ○ Attack Vector: The path that the attacker can take to exploit a vulnerability. ○ Threat Actor: The threat source

Slide 8

Slide 8 text

The Terminologies Relations

Slide 9

Slide 9 text

Threat Modeling Methodologies ● PASTA ● STRIDE ● OCTAVE ● TRIKE ● VAST

Slide 10

Slide 10 text

STRIDE STRIDE is a threat modeling framework developed by Microsoft. - Spooﬁng - Tampering - Repudiation - Information Disclosure - Denial of Service - Elevation of Privilege STRIDE Components:

Slide 11

Slide 11 text

STRIDE Workﬂow

Slide 12

Slide 12 text

DFD’s Elements - Process: Any running code - Data ﬂow: Communications between elements - Data store: Places that store data - External entity: People or code out of our control

Slide 13

Slide 13 text

STRIDE per Element

Slide 14

Slide 14 text

Addressing Each Threat ● Mitigating threats ● Eliminating threats ● Transferring threats ● Accepting the risk We have 4 options here:

Slide 15

Slide 15 text

Let's get our hands dirty!

Slide 16

Slide 16 text

DFD - Level 0

Slide 17

Slide 17 text

DFD - Level 1

Slide 18

Slide 18 text

DFD - Level 2

Slide 19

Slide 19 text

Threat Modeling - Step 0 TRUST BOUNDARIES

Slide 20

Slide 20 text

Threat Modeling - Step 1 to N

Slide 21

Slide 21 text

Threat Modeling - Admin dashboard process

Slide 22

Slide 22 text

Threat Modeling - front-end process

Slide 23

Slide 23 text

References & read more ● Threat Modeling - Designing for Security, Adam Shostack ● Threat Modeling, Izar Tarandach and Matthew J. Coles ● OWASP Threat Modeling Process ● OWASP DevSecOps Guideline ● OWASP Threat Dragon ● Smart Home Threat Model (A Great Example) * All icons are from FLATICON

Slide 24

Slide 24 text

Thanks If you have any other questions, you can reach out me via Social Media. @asecengineer linkedin.com/in/aliyazdani