YoVDO

Threat Modeling for Secure Software Design

Offered By: YouTube

Tags

Conference Talks Courses, Risk Management Courses, Threat Modeling Courses

Course Description

Overview

Learn about threat modeling for secure software design in this 46-minute conference talk from the Central Ohio InfoSec Summit 2016. Explore the fundamentals of threat modeling, its place in the development process, and practical tools for implementation. Discover how to conduct a typical threat modeling session, use simple tools like one-page models and worksheets, and apply security principles. Dive into the threat modeling process, including system understanding, STRIDE framework, and OWASP Cornucopia. Gain insights on identifying functional and identity threats, determining mitigations, and assessing risk. Examine a configuration management scenario and learn how to follow through on identified threats. Conclude with a challenge to apply these concepts and explore additional resources for threat modeling tools.

Syllabus

Robert Hurlbut
Secure Software Design
What is threat modeling?
Threat modeling helps ...
Where does threat modeling fit?
Definitions
Typical Threat Modeling Session
Simple Tools
Simple Threat Model - One Page
Threat Model Sample Worksheet
Review Security Principles
IEEE Computer Society's Center for Secure Design Take a look at
Threat Modeling Process
Draw your picture
Understand the system
STRIDE Framework – Data Flow Threat
OWASP Cornucopia
Identify Threats - Functional
Identity Threats - Ask Questions
One of the best questions ...
Scenario - Configuration Management
Determine mitigations and risks
Risk Rating - Ease of Exploitation
Risk Rating - Business Impact
Example - Medium Risk Threat
Follow through
Your challenge
Resources - Tools
Questions?


Related Courses

Information Security Management
Higher School of Economics via Coursera
Planning a Security Incident Response
Microsoft via edX
Identifying Security Vulnerabilities
University of California, Davis via Coursera
Secure Coding Practices
University of California, Davis via Coursera
Atlas Security
MongoDB University