Scalable threat modeling with risk patterns
Current approaches to threat modeling emphasize manual analysis by trained teams, which can result in a bottleneck in the development process, reducing the appeal of performing this activity. Stephen de Vries presents a technique that uses reusable risk patterns to open the door to automated and scalable threat modeling.
|Talk Title||Scalable threat modeling with risk patterns|
|Conference||O’Reilly Security Conference|
|Conf Tag||Build better defenses|
|Date||November 9-11, 2016|
Current approaches to threat modeling emphasize manual analysis, which is typically performed by security-trained teams. This has a high initial cost, both in terms of time and the skills required to perform it. Enterprise environments offer the additional challenge of scaling this activity across thousands of products with a limited number of software security specialists to guide the process. Lack of the necessary security skills is one of the main reasons why many smaller companies never attempt threat modeling in the first place. Stephen de Vries presents a software-centric threat modeling method that uses architectural risk patterns to greatly speed up the process of generating a threat model and also introduces a degree of consistency between models that is often lacking in purely manual approaches. The method for creating risk patterns employs principals from object-oriented software design such as inheritance and polymorphism so that the contents of the patterns can be practically maintained and extended without unnecessary repetition. Topics include: