Security 2 - Lecture 2
SDLC software security best practice
Threat Modeling
Threat Modeling
What is it?
Security by design
Vision
Process steps (diagram): Vision, Diagram, Identify Threats, Mitigate, Validate
Diagram
DFD notation
Data flow
Data store
Security goals/properties:
CIA + authentication + non-repudiation + authorization
Microsoft:
• STRIDE
• Card game Elevation of Privilege
• Threat Modeling Tool
STRIDE
Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Elevation of Privilege
STRIDE threats and security goals
Threat                    Most related security goal
Spoofing                  Authentication
Tampering                 Integrity
Repudiation               Non-repudiation
Information Disclosure    Confidentiality
Elevation of Privilege    Authorization
    Gain capabilities without proper authorization.
    Allowing a remote internet user to run commands is the classic example, but running kernel code from lower trust levels is also EoP.
DFD elements and STRIDE
S T R I D E
External Entity
Process
Data Store
Dataflow
STRIDE analysis of DFDs
Threat modeling tooling
Microsoft Threat Modeling Tool
Let’s use it
Osiris case
Mitigate
Standard mitigations
Mitigation sources: cheatsheetseries.owasp.org, Threat Modeling Tool
Elevation of Privilege
Serious Game
Let’s play!
Case = Osiris
Portfolio