Web application security - the fast guide 1.1 | Page 48
Chapter 3 - Vulnerabilities and threat models
P a g e | 48
3.2 Threats risk modeling
Figure 19: Threats modeling process
3.2.1 Definition:
Threat modeling is a process that allow application developer to identify,
understand and rate main threats that might affect the application giving a better
view that will help implementing countermeasures to secure the application.
This task is not a one-time task it should be iterative to evolve with the
application and to give better opportunity to better identify threats and
vulnerabilities.
3.2.2 Threat modeling process:
This process as originally developed by Microsoft is composed of steps described
as follow:
1. Identify assets and security objectives: this is the step to be able to
locate and identify everything that has value that your application deal
with and that you have to protect. This might vary from confidential
information to company reputation.
Information that we generally need to collect are related to:
Value of the asset to adversaries.
Cost to replace the asset if lost.
Operational and productivity costs incurred if the asset is
unavailable.
Liability issues if the asset is compromised.
After prioritizing assets, a set of security objectives are to be specified.
2. Creating an architecture overview: this includes identifying all
functionalities of the application, subsystems and used technologies.