book

Threat Modeling

by Izar Tarandach, Matthew J. Coles

November 2020

Beginner

249 pages

7h 7m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Foreword
Preface
Why We Wrote This BookWho This Book Is ForWhat Is (and Isn’t!) in This BookThese Techniques Apply Across Various SystemsYour Contribution MattersConventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
Introduction
The Basics of Threat ModelingWhat Is Threat Modeling?Why You Need Threat ModelingObstaclesThreat Modeling in the System Development Life CycleEssential Security PrinciplesBasic Concepts and TerminologyCalculating Severity or RiskCore PropertiesFundamental ControlsBasic Design Patterns for Secure SystemsSummary
1. Modeling Systems
Why We Create System ModelsSystem Modeling TypesData Flow DiagramsSequence DiagramsProcess Flow DiagramsAttack TreesFishbone DiagramsHow to Build System ModelsWhat Does a Good System Model Look Like?Summary
2. A Generalized Approach to Threat Modeling
Basic StepsWhat You Are Looking for in a System ModelThe Usual SuspectsWhat You Should Not Expect to DiscoverThreat Intelligence GatheringSummary
3. Threat Modeling Methodologies
Before We Go Too Deep…Looking Through Filters, Angles, and PrismsTo the Methodologies, at Last!STRIDESTRIDE per ElementSTRIDE per InteractionProcess for Attack Simulation and Threat AnalysisThreat Assessment and Remediation AnalysisTrikeSpecialized MethodologiesLINDDUNMadness? This Is SPARTA!INCLUDES NO DIRTShall We Play a Game?Game: Elevation of PrivilegeGame: Elevation of Privilege and PrivacyGame: OWASP CornucopiaGame: Security and Privacy Threat Discovery CardsGame: LINDDUN GOSummary
4. Automated Threat Modeling
Why Automate Threat Modeling?Threat Modeling from CodeHow It WorksThreat Modeling with CodeHow It WorkspytmThreagileAn Overview of Other Threat Modeling ToolsIriusRiskSD ElementsThreatModelerOWASP Threat DragonMicrosoft Threat Modeling ToolCAIRISMozilla SeaSpongeTutamen Threat Model AutomatorThreat Modeling with ML and AISummary
5. Continuous Threat Modeling
Why Continuous Threat Modeling?The Continuous Threat Modeling MethodologyEvolutionary: Getting Better All the TimeThe Autodesk Continuous Threat Modeling MethodologyBaseliningBaseline AnalysisWhen Do You Know You Did Enough?Threat Model Every StoryFindings from the FieldSummary
6. Own Your Role as a Threat Modeling Champion
How Do I Get Leadership On-Board with Threat Modeling?How Do I Overcome Resistance from the Rest of the Product Team?How Do We Overcome the Sense of (or Actual) Failure at Threat Modeling?How Should I Choose a Threat Modeling Methodology from Many Similar Approaches?How Should I Deliver “the Bad News”?What Actions Should I Take for Accepted Findings?Did I Miss Something?Summary and ClosingFurther Reading
A. A Worked Example
High-Level Process StepsApproaching Your First System ModelLeading a Threat Modeling ExerciseA Sample Exercise: Creating a System ModelIdentifying Components, Flows, and AssetsIdentifying System Weaknesses and VulnerabilitiesIdentifying ThreatsDetermining ExploitabilityWrapping Things Up

Index

Overview

Threat modeling is one of the most essential--and most misunderstood--parts of the development lifecycle. Whether you're a security practitioner or a member of a development team, this book will help you gain a better understanding of how you can apply core threat modeling concepts to your practice to protect your systems against threats.

Contrary to popular belief, threat modeling doesn't require advanced security knowledge to initiate or a Herculean effort to sustain. But it is critical for spotting and addressing potential concerns in a cost-effective way before the code's written--and before it's too late to find a solution. Authors Izar Tarandach and Matthew Coles walk you through various ways to approach and execute threat modeling in your organization.

Explore fundamental properties and mechanisms for securing data and system functionality
Understand the relationship between security, privacy, and safety
Identify key characteristics for assessing system security
Get an in-depth review of popular and specialized techniques for modeling and analyzing your systems
View the future of threat modeling and Agile development methodologies, including DevOps automation
Find answers to frequently asked questions, including how to avoid common threat modeling pitfalls

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492056546Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills