What is threat modeling and why is it important?
A threat is something that has a negative impact on an asset. In the context of information security, and particularly in application security, the asset of primary concern is data.
The process of threat modeling systematically identifies all the different attack steps that could be realized as an exploit.
When we perform threat modeling, we take the blueprint of an application system, and we go through that blueprint to identify gaps and pathways of exploit.
If you want to think of it in terms of the analog or physical world, the same process could be applied when an attacker or a burglar tries to break into a system. They would take the blueprint of the building, analyze it very carefully, and then try to determine how to get into that building from different pathways.
- During the discovery stage, we analyze the network architecture diagram or data flow diagram just like we would analyze the blueprints of a building, and then determine all the potential pathways of attack.
- Next, we do threat modeling, which is a part of a risk assessment process. Once we determine the pathways of attack, the next thing we would do is perform pentesting.
- Pentesting actually tries to see if it’s possible to exploit these pathways, or if any of those attacks can be realized.
- Finally, we assign risk levels based on the impact to those assets and how likely they are to be attacked.
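The discovery and risk steps above, as an added example that is not part of the original article: a small data flow diagram is walked to enumerate every pathway from an external entry point to a data asset, and each pathway gets a risk level from the asset's impact and a likelihood that falls with each trust boundary the attacker must cross. The diagram, the 1-5 scales and the likelihood heuristic are constructed assumptions for illustration.

```python
"""Added example: a minimal threat-model walk over a data flow diagram.
The flows, assets and scoring below are constructed sample values."""

# Constructed DFD: each flow is (source, destination, crosses_trust_boundary).
FLOWS = [
    ("internet_user", "web_frontend", True),
    ("web_frontend", "api_service", False),
    ("api_service", "customer_db", False),
    ("api_service", "payment_gateway", True),
    ("admin_user", "admin_console", True),
    ("admin_console", "customer_db", False),
]
# Assets of concern (data) with the impact of their compromise on a 1-5 scale.
ASSET_IMPACT = {"customer_db": 5, "payment_gateway": 4}
# External entities an attacker could act as.
ENTRY_POINTS = {"internet_user", "admin_user"}


def attack_paths(flows, entry_points, assets):
    """Enumerate every pathway from an entry point to an asset (the 'discovery' step)."""
    adj = {}
    for src, dst, _ in flows:
        adj.setdefault(src, []).append(dst)
    paths = []

    def walk(node, path):
        if node in assets:
            paths.append(tuple(path))
            return
        for nxt in adj.get(node, []):
            if nxt not in path:  # avoid cycles in the diagram
                walk(nxt, path + [nxt])

    for entry in sorted(entry_points):
        walk(entry, [entry])
    return paths


def boundary_crossings(path, flows):
    """Count trust boundaries on a path; each is a control the attacker must defeat."""
    crossing = {(s, d) for s, d, crosses in flows if crosses}
    return sum(1 for s, d in zip(path, path[1:]) if (s, d) in crossing)


def risk_level(path, flows, asset_impact):
    """Assumed heuristic: likelihood (1-5) drops by one per boundary crossed;
    risk score = impact x likelihood, bucketed into low / medium / high."""
    likelihood = max(1, 5 - boundary_crossings(path, flows))
    score = asset_impact[path[-1]] * likelihood
    return "high" if score >= 15 else "medium" if score >= 8 else "low"
```

Running `attack_paths(FLOWS, ENTRY_POINTS, ASSET_IMPACT)` yields three pathways; the two that reach the customer database cross one boundary and rate high, while the payment-gateway path crosses two and rates medium.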
How Mature is Your DevSecOps?
Our comprehensive DevSecOps Maturity Assessment covers 8 key phases of DevSecOps practices, 29 questions in total.
By evaluating your team on each capability, you can determine if your DevSecOps maturity level is early, intermediate, or advanced. Your assessment includes a custom report that provides your overall maturity as well as detailed recommendations you can take to enhance your security posture.