Agile Visual Threat Modeling

Doing threat modeling is one of the main requirements for almost any Agile organization. Most of the teams are doing it wrong, and as an award, they receive a false sense of security, which leads to products and services that attacker personas can easily exploit.

Agile Visual Threat Modeling Framework

I created a visual threat modeling framework that challenges you to solve the following problems you most certainly have:

  • A single user makes threat modeling because they have the most knowledge of the system. The framework’s goal is to make sure everyone has a chance to participate in the exercise – to raise the entire team’s security posture and strengthen the product lines in general. 
  • Threat Modeling’s current approach is close to a Waterfall model, and it’s far away from the dynamicity of the modern Agile way of doing software. The knowledge inside the framework will regularly engage the agile teams to repeat the exercise and focus on the most critical security issues. The Threat Modeling landscape is changing as you read, why don’t you change your model as well?
  • The usual way of doing threat modeling is using an offline whiteboard. With this framework, you can do modeling from anywhere and even invite experts to your session.

Some tools included in the Framework

Risk Matrix

Score the threat risk quickly on the probability/Impact scale and use the output to prioritize your security backlog. Combine a threat with an asset and an attacker and discuss the risk. The items with a higher risk go to the top of your security backlog.

Threats Catalogue

A list of the most common threats with easy to understand use-cases and a micro-flow. The library comes with built-in knowledge of the most common threat:

  • STRIDE
  • Privacy
  • Ethical Design

Also, you are free to add your own content – Security Patterns, Kill Chains, your company’s most common attacks, or whatever you think is useful.

Attacker Personas

A basic set of attacker personas + a way on how to visualize them. Knowing your “enemy” is the first step of an efficient Threat Model.

Workshop

The framework comes with a 90-min interactive and fun workshop.

The knowledge inside helps the team to remember the 3 main pieces of advice that will make our products a bit more secure:

  • Build a habit to do threat modeling often and to add improvements or spikes in your backlog constantly.
  • In 1976, a British statistician named George Box wrote the famous line, “All models are wrong, some are useful.”  Explore what is currently going on in the security world.  Everything is changing fast and we need to adapt. Maybe the threat model you finished 2 months ago is not relevant anymore.
  • Work as a team. We cannot afford to ignore great ideas coming from a person that for example just recently joined the team or was working on different types of stories before.

Thirsty for knowledge?

Shoot me an e-mail to bogomil _at_ this website and I will notfy you when this is publicly avaiable.