Threat Modeling

The purpose of proactive threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors, and the assets most desired by an attacker. Threat modeling answers the questions;

• “Where are the high-value assets?”
• “Where am I most vulnerable to attack?”
• “What are the most relevant threats?”
• “Is there an attack vector that might go unnoticed?”

Conceptually, most people incorporate some form of threat modeling in their daily life and don’t even realize it. Commuters use threat modeling to consider what might go wrong during the morning drive to work and to take preemptive action to avoid possible accidents. Children engage in threat modeling when determining the best path toward an intended goal while avoiding the playground bully. 

Our adroit threat modeling exercise and table top exercises puts your people an systems to the ultimate test of what is possible when a motivated adversary targets your organization ultimately improving your organizational resiliency. 

myths of threat modeling

1.  "We already do pen-tests with tools AND people … we don't need to do threat modeling.
2. "The system is already built and deployed … there's no reason to do threat modeling."
3.  "We did a threat model when the system was built … we don't need to do it again."  "Threat modeling is too complicated."
4. "We don't have software security experts, so we can't do threat modeling."
5.  "I'm doing threat modeling at all the right times ... there's no reason to do pen tests or code reviews or anymore."

Areas to consider

1. PHYSICAL - This is the lowest layer where the hardware shares the same physical, real-world space as the user. This is where we put locks on doors to keep systems safe.

---

2. DATA LINK - At this layer, the data is just one level above the bare metal and silicon of the hardware. Here, the data moves from software to hardware and back. Security at this layer keeps the traffic going and the data where it’s supposed to be.

---

3. NETWORK - Think traffic control, speed limits, detours and stop signs. This is where network addressing, routing and other traffic control take place. Security at this layer protects against flooding attacks and sniffing or snooping attacks to keep criminals from accessing logins and passwords sent over the network.

---

4. TRANSPORT - Think of the post office getting mail from point A to point B reliably and without anyone tampering with the contents, but instead of bills and postcards, you’re dealing with data, and instead of houses and apartments, you’re dealing with computers and networks. Denial-of-service attacks also occur here, as well as man-in-the-middle attacks (bad guys trying to intercept the data between point A and point B).

---

5. SESSION - This represents the continuous exchange of information in the form of multiple back-and-forth transmissions. The session layer controls the dialogues (connections) between computers. Examples of attacks are denial-of-service and spoofing.

---

6. PRESENTATION - The presentation layer is just below the application layer and transforms data into the form that the application accepts. For instance, feed HTML code to a web browser, and you’ll get a webpage. Give it to your phone’s texting application, and you’ll get a lot of computer text that makes no sense to your friend.

---

7. APPLICATION - ​This is the layer closest to the end user and the most troublesome these days. Commonly, web browsers and email clients are attacked at this layer. It’s how people interact with computers and devices.

---