Threat Modelling
[Slide image (handwritten notes, mostly unrecoverable); legible fragments: "is threat modelling", "an exercise", "application", "And that exercise"]
[Slide image: contents of the zine; legible headings: "Threat modelling vs VAPT", "Example App design", "Actual threat modelling on App - 6 threats"]
[Slide image; legible text: "Designed with ... for developers, Security Engineers"]
[Slide image; legible text: "But what is threat modelling? Let me tell you this in detail. Is it same as vulnerability assessment? A question in short!! Threat Modelling is NOT vulnerability Assessment."]
[Slide image: simplified software life cycle diagram; legible text: "Software is designed first then coded then deployed, right? Initial Req / design -> Implementation -> New Req / Release. And that's an oversimplified view of how the life cycle looks. Threat modelling exercise works in these three stages."]
[Slide image; legible text: "But still what is threat modelling :p ... majorly from the three stages of SDLC mentioned below: Initial Req / design, Implementation, New Req / release. ... security issues like SQLi, XSS"]
[Slide image; legible text: "Just think for a minute!! ... code being written? Think what all exist in 3 stages of SDLC? ... build ... no code is done. But SQLi -> May lead to authorization bypass (Authorization Bypass threat); May lead to data leak (Data leak threat). So SQLi is a vulnerability & ... And these threats identified in threat modelling are ..."]
[Slide image: architecture sketch of the demo application; legible text: "Let's consider a demo application: TRAVEL PORTAL. Frontend; browser interacts with frontend; frontend talks with backend; 3rd party bookings; server talks to ...; interim or processed data is stored in DB; Backups of DB are stored in S3; Application users. Where can things go wrong?"]
[Slide image: threat modelling exercise on the travel portal; legible text: "Now let's do threat modelling exercise. Promo code validation at backend; Payment checksum validation at backend. Promo code is valid on 5-star hotels. Payment: server / server checksum, make payment, generate checksum, validate checksum. Bypass: no check at backend. Validate promo code; applied on others' data. Payment validation by backend should ... login ... frontend"]
[Slide image: further threats on the travel portal; legible text: "Can access other user's data: User A, other user, attacker. Brute force user password: User B, Record B. Rate limiting on login."]
[Slide image: data handling; legible text: "Handling Data? Is your storage secure? Perform data classification. What data are you getting for a user? Data related to identity; data that has a person's record of history. Rest / Transit: Encrypted. Rest: Encrypted / hashed / Unencrypted depends on data classification and whether the data needs to be used again. PII - use the TRAVEL PORTAL exercise."]
Thank You For reading