This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Threat Modeling Cheat Sheet"
From OWASP
| Line 7: | Line 7: | ||
<br/> | <br/> | ||
__TOC__{{TOC hidden}} | __TOC__{{TOC hidden}} | ||
| + | = DRAFT CHEAT SHEET - WORK IN PROGRESS = | ||
= Introduction = | = Introduction = | ||
| − | + | The objective of this cheat sheet is to provide guidance to developers, reviewers, designers and architects on conducting successful threat modeling. The main goal of threat modeling is to understand the controls needed for a software system. This is a complex endeavor that will involve investigations into: | |
| + | # The trust boundaries to and within the solution that we build | ||
| + | # The actors that interact within and outside of the trust boundaries | ||
| + | # Information flows within and to and from the trust boundaries | ||
| + | # Information persistence within and out of trust boundaries | ||
| + | # Vulnerabilities at trust boundaries | ||
| + | # Threat agents that can exploit the vulnerabilities | ||
| + | # Impact of exploitation of vulnerability by a threat agents | ||
| + | # Controls and process needed to treat specific risks | ||
= Introduction = | = Introduction = | ||
'''Application Security Threat Modeling''' | '''Application Security Threat Modeling''' | ||
| − | |||
| − | |||
= Define The Target Of Evaluation = | = Define The Target Of Evaluation = | ||
Revision as of 03:50, 12 April 2016
|
Last revision (mm/dd/yy): 04/12/2016
DRAFT CHEAT SHEET - WORK IN PROGRESSIntroductionThe objective of this cheat sheet is to provide guidance to developers, reviewers, designers and architects on conducting successful threat modeling. The main goal of threat modeling is to understand the controls needed for a software system. This is a complex endeavor that will involve investigations into:
IntroductionApplication Security Threat Modeling Define The Target Of EvaluationCreate a logical map of the Target of EvaluationCreate a physical map of the Target of EvaluationIdentify the Assets within the physical and logical Targets of EvaluationDefine The AttackersIdentify Possible Attackers that could exist within the Target Of Evaluation
Select the most dangerous Attacker in your Target Of EvaluationConduct the Threat Model
Enumerate Threats posed by most dangerous Attacker in Target of EvaluationEnumerate Threats posed by most dangerous attacker in designated areas of the physical & logical Maps of the Target of Evaluation
Enumerate Attacks posed by most dangerous attacker in designated areas of the logical and physical maps of the target of evaluation
- Application Decomposition - Attack Tree - Vulnerability/Exploit Mapping - Application Testing create risks in risk log for every identified threat or attack to any assetsrank risks using risk matrix from most severe to least severeIdentify risk ownersRemediation/CountermeasuresAgree on risk mitigation with risk owners and stakeholders
Treat risks accordinglyTest risk treatment to verify remediationReduce risk in risk log for verified treated riskPeriodically retest riskAuthors and Primary EditorsTODO Other Cheatsheets |
