STRIDE is also a mnemonic tool for security threats it consists of six different categories, as shown in Table 1.1. STRIDE is an acronym for a threat modeling system that originated at Microsoft. At this point, external factors, such as cost or available resources, might affect the priorities. Next, review the specific risks to determine the final order in which to address them. Sorting from high to low provides an easy method to initially prioritize the risks. Then, multiply the likelihood and impact together to generate a total risk score. For example, rank likelihood and impact on a scale from 1 to 5, where 1 equals low likelihood or low probability, and 5 equals high likelihood or high impact.
your_end_results_are_the_list_and_description_of_risk_found__You_2.png "ms sdl threat modeling tool")
One easy way to calculate a total risk score is to assign numeric values to the likelihood and impact. Certain threats might not warrant any action when comparing the risk posed by the threat with the resulting mitigation costs. The rating process weighs the probability of the threat against the damage that could result should an attack occur. Prioritize and address the most significant threats first. Document each threat using a common threat template that shows the attributes of each threat. By examining the current architecture, system, applications, and potential vulnerabilities, identify the threats that could affect the systems and applications.ĭocument the threats. Break down the architecture of the systems and application, including the underlying network and host infrastructure design, security profiles, implementation, as well as the deployment configuration of the systems and applications. Documentation should include a system, trust boundaries, and data flow.ĭecompose the security components and applications. Gather simple diagrams and related information that show how the systems are connected, both physically and logically.
Identify the valuable assets that the systems must protect.Ĭreate an architecture overview. The steps to perform threat modeling are: In addition, the infrastructure, system, or solution is always changing, and new threats are found. The reason for multiple passes is that it is impossible to identify all of the possible threats in a single pass. Threat modeling is an iterative process it should be started when designing a system or solution and should be performed throughout the system or solution lifecycle. It addresses the top threats that have the greatest potential impact to an organization. Threat modeling is a procedure for optimizing network security by identifying vulnerabilities, identifying their risks, and defining countermeasures to prevent or mitigate the effects of the threats to the system.
0 kommentar(er)
