What is a threat modeling
A threat model is comprised of the representation of software and hardware used in a system, the connections (data flows) between them and the trust boundaries in the system. Threat modeling can be performed before a system has been implemented and can, therefore, be used to identify and implement required threat mitigation techniques into the system design before other verification methods can be used (e.g System testing).
The threat modeling process can be broken up into 6 stages:
- Identify Assets (Group Component).
- Document Architecture (Group Component)
- Decompose the application (Group Component)
- Identify the threats (STRIDE)
- Document Threats (Microsoft Threat Modelling Tool 2016)
- Rate the threats (DREAD)