What is Threat Modeling? (and Why is it Important for Applications?)

What is threat modeling and why it’s important to you?

Let’s start by talking about what a threat is. A threat is something that has a negative impact on an asset, and when we’re talking about information security particularly about application security, the main aspect of concern is data.

The process of threat modeling systematically identifies all the different attack steps that could realize in an exploit. What we do in order to perform threat modeling is we take the blueprint of an application system, and we go through that blueprint to identify gaps and pathways of exploit.

If you want to think of it in terms of the analog or the physical world, the same process could be applied when an attacker or a burglar tries to break into a system. They would take the blueprint of the building, analyze it very carefully, and then try to determine how to get into that building from different pathways.

That’s exactly what we want to do with respect applications security.

  • During the discovery stage, we analyze the network architecture diagram or data flow diagram just like we would analyze the blueprints of a building, and then determine all the potential pathways of attack.
  • Next, we do threat modeling, which is a part of a risk assessment process. Once we determine the pathways of attack, the next thing we would do is perform pentesting.
  • Pentesting actually tries to see if it’s possible to exploit these pathways, or if any of those attacks can be realized.
  • Finally, we assign risk levels based on the impact of those assets and how likely they are to be attacked.

At Forward Security, threat modeling is an important part of our risk assessment process that helps us fine tune and systematically identify all the potential opportunities to exploit a given application system.