Threat modeling is just what the name implies. It requires asking relevant questions: Who is likely to attack us? What do they want? How are they likely to try to do it?
Answers to those and other questions can help an organization create a model that will help it mitigate those likely threats and set priorities for what assets are the most important to protect.
There is general agreement in the cybersecurity industry on the five necessary steps to create a useful threat model. They are scoping, data gathering, system model, attack model, and risk analysis. But different providers offer different methodologies to complete those steps.
Chris Cummings, principal consultant at Synopsys, is coauthor of a recent white paper, “Threat Modeling, Decoded,” designed to help security teams address those threats more intentionally and efficiently, and provide the most protection for what they value most.
In a previous AppSec Decoded episode, Cummings and Taylor Armerding, security advocate at Synopsys, discussed the first two steps in threat modeling—scoping and data gathering.
In this, the second of four conversations, they focus on the third step in the process—creating the system model.