SlideShare a Scribd company logo

Threat Modeling for System Builders and System Breakers - Dan Cornell of Denim Group's Presentation for Los Alamos National Labs

Denim Group
Denim Group

Threat modeling is a valuable technique for identifying potential security issues in complex applications but many teams have been slow to adopt. This presentation looks at Threat Modeling from two perspectives – from that of a system builder trying to avoid introducing security defects into a new system and from that of a system tester trying to identify security issues in an existing system. The materials include discussion of where threat modeling is best done during the development lifecycle as well as the process of creating and refining a threat model. Follow Dan Cornell on twitter - @danielcornell

Technology
1 of 53
Download to read offline
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling for System Builders and System Breakers! ! Dan Cornell! @danielcornell
© Copyright 2014 Denim Group - All Rights Reserved 2 Dan Cornell •  Dan Cornell, founder and CTO of Denim Group •  Software developer by background (Java, .NET, etc) •  OWASP San Antonio •  15 years experience in software architecture, development and security •  Heads Denim Group’s application security team
© Copyright 2014 Denim Group - All Rights Reserved Denim Group Background •  Professional services firm that builds & secures enterprise applications –  External application assessments •  Web, mobile, and cloud –  Software development lifecycle development (SDLC) consulting •  Classroom and e-Learning for PCI compliance •  Secure development services: –  Secure .NET and Java application development –  Post-assessment remediation •  Deep penetration in Energy, Financial Services, Banking, Insurance, Healthcare and Defense market sectors •  Customer base spans Fortune 500 •  Contributes to industry best practices through the Open Web Application Security Project (OWASP) 3
© Copyright 2014 Denim Group - All Rights Reserved Agenda •  The Goals of Threat Modeling •  Understanding Threats and Risk •  Threat Modeling Activities –  Business –  Architectural –  Functional –  Threat Trees –  Rating Threats –  Countermeasures •  Effective Threat Modeling •  Threat Modeling Scenarios
© Copyright 2014 Denim Group - All Rights Reserved The Goals of Threat Modeling
© Copyright 2014 Denim Group - All Rights Reserved The Goals of Threat Modeling •  Take note we are discussing the goals, not the definition of threat modeling •  Definitions of a Threat Model differ –  A general list of security concerns for a given product –  A set of possible application attack scenarios to consider –  Structured way to look at systems and identify potential security issues –  A set of attacker profiles, with attacker goals and competencies •  These definitions are fine as definitions, but are not immediately actionable •  A threat model is difficult to define well because it does not fit a strict hierarchy or taxonomy •  We CAN identify the value in it
© Copyright 2014 Denim Group - All Rights Reserved What Do We Want to Accomplish? •  Stay “ahead” of potential vulnerabilities •  Bring the application as planned or built in-line with security objectives •  Empower security verification activities •  Account for remediation and mitigation of problems as early as possible •  The earlier in the development / procurement process, the better –  The types of issues it identifies can be expensive to address after the fact.
© Copyright 2014 Denim Group - All Rights Reserved What Do We Want to Accomplish? •  In assessments –  Organize relevant observations about an application’s architecture, unique features, and functional security –  Attack planning for tests and review beyond the “baseline” •  In development –  Predict and account for threats to the application’s unique architecture and features –  Estimate probability of a true exploit (DREAD) –  If functional security is not defined elsewhere, define it here •  AuthX •  Input validation •  Data protection •  etc. –  Justify the expense of countermeasures
© Copyright 2014 Denim Group - All Rights Reserved How Can a Threat Model Support These Goals? •  Clearly identify the stakes –  What sensitive assets does the application handle? –  Who are the threat agents? •  Identify architecture and design-level issues –  Data Flow –  Business Logic •  Collate functional security solutions –  What is your authentication solution? Validation? Data protection? •  Threat Modeling must support your goals, not the other way around
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  High-Level attack vectors –  Defeating a security mechanism –  Abusing an application feature –  Exploiting the insufficient security or poor implementation •  Remember, your application is part of a larger system •  Why is this important?
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What can seem like a simple application at first glance…
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Can quickly explode in complexity upon closer examination
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Try not to decide the scope of an architecture review or security assessment before thinking of the big picture •  The weakest point in a system may not be what you think •  With the right information on- hand, discovering vulnerabilities can be a simple matter of Q&A
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  We have seen the risks to poor functional security…
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What about the unique features of our application?
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Technology should not abstract business processes, but aid their efficient handling •  Application logic should not completely circumvent normal accountability
© Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What about functional security? •  You don’t need to be proficient with a particular technology to evaluate a security solution –  Is it adequate? –  Do operational processes support it? –  Is the solution an established, tested one or custom-mad1e? 1.  Security Architecture 2.  Authentication 3.  Session Management 4.  Access Control 5.  Input Validation 6.  Output Encoding/Escaping 7.  Cryptography 8.  Error Handling and Logging 9.  Data Protection 10.  Communication Security 11.  HTTP Security 12.  Security Configuration 13.  Malicious Code Search 14.  Internal Security
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities
© Copyright 2014 Denim Group - All Rights Reserved The Threat Modeling Process •  Let us take a clear look at what goes in and comes out of the process –  Business Logic –  Architecture –  Functional Security –  Attacker’s Perspective
© Copyright 2014 Denim Group - All Rights Reserved Threat Model Inputs and Outputs •  Business –  Application requirements, enterprise security strategy in –  Assets, Agents, Abuse cases out •  Architectural –  Application architecture and design in –  Application data flow threats out •  Functional –  Implementation standards or application source in –  Functional security threats out •  Threat Trees –  Attack surface and attacker profiles in –  Threat trees out
© Copyright 2014 Denim Group - All Rights Reserved Approaches for Identifying Threats •  Use Cases for Business –  Useful for identifying flaws with specific application features •  Data Flow for Architecture –  What threats can we identify looking at the application’s data flow? –  The whole system’s data stores, services, processes, etc. –  The interaction among those components •  Functional Security –  Here are the security features. How could an attacker defeat them? •  Attacker’s Goals for Threat Trees –  If you are an attacker, what would you want to accomplish? –  How would you go about achieving the malicious goal? –  Useful for identifying any erroneous security assumptions •  No one approach is perfect – these are essentially brain storming techniques
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Business
© Copyright 2014 Denim Group - All Rights Reserved Threat Model Business Inputs and Outputs •  When can we do this? –  Any time the application is conceived •  Business Inputs –  Requirements, Use Cases, other requirements-related documentation –  Compliance, regulations, other strategic goals •  Business Outputs –  Business Assets –  Threat Agents –  Abuse Cases •  What have we accomplished? –  Data to scope future assessment efforts –  Abuse scenarios for targeted security testing
© Copyright 2014 Denim Group - All Rights Reserved Identifying Threats through Abuse Cases •  This is where we catch potential flaws in business logic, customer support •  Look over each application use case –  What functionality fulfills that use case? –  How would an attacker attempt to abuse that functionality? •  If a use-case accounts for a user requesting a document, then the abuse case would account for a request to a document that they are not allowed to see or one that doesn't exist •  If a use-case accounts for a privileged user approving a transaction, then the abuse case would account for a lower-level user attempting to force approval for the transaction
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Architectural
© Copyright 2014 Denim Group - All Rights Reserved Architectural Threats •  When can we do this? –  When the application architecture has been conceived –  It does not need to be final •  What do we make? –  A Data Flow Diagram •  We are going to do it in the Microsoft style –  Why? This is a good fit for many different types of systems
© Copyright 2014 Denim Group - All Rights Reserved Creating Data Flow Diagrams (DFDs) •  Decompose the system into a series of processes and data flows •  Explicitly identify trust boundaries
© Copyright 2014 Denim Group - All Rights Reserved Example Data Flow Diagram
© Copyright 2014 Denim Group - All Rights Reserved Deriving Threats from the Data Flow
© Copyright 2014 Denim Group - All Rights Reserved Data-Flow Based Threats •  This is where a Threat Model is uniquely beneficial •  Identify potential issues in a structured, repeatable manner •  Looking at asset types in the context of STRIDE
© Copyright 2014 Denim Group - All Rights Reserved Identifying Threats from the Data Flow •  STRIDE is expansion of the common CIA threat types –  Confidentiality –  Integrity –  Availability •  STRIDE –  Spoofing Identity –  Tampering with Data –  Repudiation –  Information Disclosure –  Denial of Service –  Elevation of Privilege 32
© Copyright 2014 Denim Group - All Rights Reserved Asset Types
© Copyright 2014 Denim Group - All Rights Reserved Mapping Threats to Data Flow Asset Types Threat  Type   External   Interactor   Process   Data  Flow   Data  Store   S  –  Spoofing   Yes   Yes   T  –  Tampering   Yes   Yes   Yes   R  –  Repudia4on   Yes   Yes   Yes   I  –  Informa4on  Disclosure   Yes   Yes   Yes   D  –  Denial  of  Service   Yes   Yes   Yes   E  –  Eleva4on  of  Privilege   Yes   34
© Copyright 2014 Denim Group - All Rights Reserved Spoofing: External Interactors
© Copyright 2014 Denim Group - All Rights Reserved Spoofing: Remote Applications
© Copyright 2014 Denim Group - All Rights Reserved Tampering: Data Stores
© Copyright 2014 Denim Group - All Rights Reserved Tampering: Applications
© Copyright 2014 Denim Group - All Rights Reserved Repudiation •  What data reflects business transactions? –  Logs? –  Database? –  Other intermediate files? –  External entities? •  Is this data adequate? –  Safeguard against fraud? –  Incident response?
© Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Data Stores
© Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Transport Layer
© Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Technical and Operations
© Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Identified Data Assets •  What are the touch points for sensitive data? –  Data Stores? –  Applications? –  Transport Layer? •  How do these entities handle the data? –  In memory? –  At rest?
© Copyright 2014 Denim Group - All Rights Reserved Denial of Service
© Copyright 2014 Denim Group - All Rights Reserved Elevation of Privilege •  What entities manage privileges? –  Apps manage feature/data access –  Apps maintain credentials –  Network trusts app –  Batch processes access file system –  Batch processes maintain credentials •  Are these privileges sound? –  Too permissive? –  Prone to disclosure? –  Poor operational management?
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Functional
© Copyright 2014 Denim Group - All Rights Reserved Functional Security Threats •  When can we do this? –  The team uses coding standards –  The application is released or well into development •  Functional Inputs –  Technology Stack –  Implementation Standards •  Functional Outputs
© Copyright 2014 Denim Group - All Rights Reserved Functional Security •  Even organizations that track functional security do not often have it collated –  Authentication –  Session Management –  Input Validation –  Data Protection –  Error Handling –  Etc. –  I may or may not know what your coding standards are, but I want to know how you actually implement them •  Abuse cases for each domain of functional security –  How would an attacker look for gaps? –  How could the mechanism be abused or circumvented? •  This does go over a lot of the assessment “baseline”, but the value is in having it together
© Copyright 2014 Denim Group - All Rights Reserved Functional Security Taxonomy 1.  Security Architecture 2.  Authentication 3.  Session Management 4.  Access Control 5.  Input Validation 6.  Output Encoding/Escaping 7.  Cryptography 8.  Error Handling and Logging 9.  Data Protection 10.  Communication Security 11.  HTTP Security 12.  Security Configuration 13.  Malicious Code Search 14.  Internal Security One important item NOT in ASVS •  Least Privilege The OWASP Application Security Verification Standard is a good fit for this
© Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Countermeasures
© Copyright 2014 Denim Group - All Rights Reserved Countermeasures •  Do nothing •  Remove the feature •  Turn off the feature •  Warn the user •  Counter the threat with Operations –  Accountability –  Separation of Duties •  Counter the threat with Technology –  Change in Design –  Change in Implementation •  There is no “catch all” countermeasure
© Copyright 2014 Denim Group - All Rights Reserved Generic Mobile Application Threat Model 52
© Copyright 2014 Denim Group - All Rights Reserved 53 Questions / Contact Information Dan Cornell Principal and CTO dan@denimgroup.com Twitter @danielcornell (210) 572-4400 www.denimgroup.com blog.denimgroup.com

Recommended

Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...
Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...
Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...Denim Group
 
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...Denim Group
 
Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Dilum Bandara
 
Benchmarking Web Application Scanners for YOUR Organization
Benchmarking Web Application Scanners for YOUR OrganizationBenchmarking Web Application Scanners for YOUR Organization
Benchmarking Web Application Scanners for YOUR OrganizationDenim Group
 
Mobile Application Assessment By the Numbers: a Whole-istic View
Mobile Application Assessment By the Numbers: a Whole-istic ViewMobile Application Assessment By the Numbers: a Whole-istic View
Mobile Application Assessment By the Numbers: a Whole-istic ViewDenim Group
 
Technical Writing for Consultants
Technical Writing for ConsultantsTechnical Writing for Consultants
Technical Writing for ConsultantsDilum Bandara
 
Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Denim Group
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskSecurity Innovation
 

Recommended

Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...
Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...
Hybrid Analysis Mapping: Making Security and Development Tools Play Nice Toge...Denim Group
 
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...Denim Group
 
Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Dilum Bandara
 
Benchmarking Web Application Scanners for YOUR Organization
Benchmarking Web Application Scanners for YOUR OrganizationBenchmarking Web Application Scanners for YOUR Organization
Benchmarking Web Application Scanners for YOUR OrganizationDenim Group
 
Mobile Application Assessment By the Numbers: a Whole-istic View
Mobile Application Assessment By the Numbers: a Whole-istic ViewMobile Application Assessment By the Numbers: a Whole-istic View
Mobile Application Assessment By the Numbers: a Whole-istic ViewDenim Group
 
Technical Writing for Consultants
Technical Writing for ConsultantsTechnical Writing for Consultants
Technical Writing for ConsultantsDilum Bandara
 
Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Security Training: Necessary Evil, Waste of Time, or Genius Move?
Security Training: Necessary Evil, Waste of Time, or Genius Move?Denim Group
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskSecurity Innovation
 
Integrating Security Across SDLC Phases
Integrating Security Across SDLC PhasesIntegrating Security Across SDLC Phases
Integrating Security Across SDLC PhasesIshrath Sultana
 
Application Assessment Techniques
Application Assessment TechniquesApplication Assessment Techniques
Application Assessment TechniquesDenim Group
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle1&1
 
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?Denim Group
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLCBDPA Charlotte - Information Technology Thought Leaders
 
24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'Positive Hack Days
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Source Conference
 
Agile and Secure SDLC
Agile and Secure SDLCAgile and Secure SDLC
Agile and Secure SDLCNazar Tymoshyk, CEH, Ph.D.
 
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...Denim Group
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat ModelingCigital
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"WrikeTechClub
 
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...Denim Group
 
How-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability RemediationHow-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability RemediationDenim Group
 
The ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and VersionsThe ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and VersionsDenim Group
 
Secure Software Development Life Cycle
Secure Software Development Life CycleSecure Software Development Life Cycle
Secure Software Development Life CycleMaurice Dawson
 
5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)Michael Man
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsCprime
 
Real Cost of Software Remediation
Real Cost of Software RemediationReal Cost of Software Remediation
Real Cost of Software RemediationDenim Group
 
Shift Left Security
Shift Left SecurityShift Left Security
Shift Left Securitygjdevos
 
Setting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSetting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSebastien Deleersnyder
 
Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578skowshik
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityLenin Aboagye
 

More Related Content

What's hot

Integrating Security Across SDLC Phases
Integrating Security Across SDLC PhasesIntegrating Security Across SDLC Phases
Integrating Security Across SDLC PhasesIshrath Sultana
 
Application Assessment Techniques
Application Assessment TechniquesApplication Assessment Techniques
Application Assessment TechniquesDenim Group
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle1&1
 
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?Denim Group
 
24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'Positive Hack Days
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Source Conference
 
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...Denim Group
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat ModelingCigital
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"WrikeTechClub
 
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...Denim Group
 
How-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability RemediationHow-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability RemediationDenim Group
 
The ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and VersionsThe ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and VersionsDenim Group
 
Secure Software Development Life Cycle
Secure Software Development Life CycleSecure Software Development Life Cycle
Secure Software Development Life CycleMaurice Dawson
 
5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)Michael Man
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsCprime
 
Real Cost of Software Remediation
Real Cost of Software RemediationReal Cost of Software Remediation
Real Cost of Software RemediationDenim Group
 
Shift Left Security
Shift Left SecurityShift Left Security
Shift Left Securitygjdevos
 
Setting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSetting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSebastien Deleersnyder
 

What's hot (20)

Integrating Security Across SDLC Phases
Integrating Security Across SDLC PhasesIntegrating Security Across SDLC Phases
Integrating Security Across SDLC Phases
 
Application Assessment Techniques
Application Assessment TechniquesApplication Assessment Techniques
Application Assessment Techniques
 
Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle
 
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLC
 
24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'24may 1200 valday eric anklesaria 'secure sdlc – core banking'
24may 1200 valday eric anklesaria 'secure sdlc – core banking'
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?
 
Agile and Secure SDLC
Agile and Secure SDLCAgile and Secure SDLC
Agile and Secure SDLC
 
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
Application Security Assessments by the Numbers - A Whole-istic View - OWASP ...
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat Modeling
 
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
 
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
The Self Healing Cloud: Protecting Applications and Infrastructure with Autom...
 
How-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability RemediationHow-To-Guide for Software Security Vulnerability Remediation
How-To-Guide for Software Security Vulnerability Remediation
 
The ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and VersionsThe ThreadFix Ecosystem: Vendors, Volunteers, and Versions
The ThreadFix Ecosystem: Vendors, Volunteers, and Versions
 
Secure Software Development Life Cycle
Secure Software Development Life CycleSecure Software Development Life Cycle
Secure Software Development Life Cycle
 
5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)5 things i wish i knew about sast (DSO-LG July 2021)
5 things i wish i knew about sast (DSO-LG July 2021)
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOps
 
Real Cost of Software Remediation
Real Cost of Software RemediationReal Cost of Software Remediation
Real Cost of Software Remediation
 
Shift Left Security
Shift Left SecurityShift Left Security
Shift Left Security
 
Setting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSetting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyder
 

Viewers also liked

Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578skowshik
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityLenin Aboagye
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksSantosh Satam
 
Threat modeling web application: a case study
Threat modeling web application: a case studyThreat modeling web application: a case study
Threat modeling web application: a case studyAntonio Fontes
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 

Viewers also liked (6)

Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578Malicious android-applications-risks-exploitation 33578
Malicious android-applications-risks-exploitation 33578
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksMobile Threats and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 Risks
 
Threat modeling web application: a case study
Threat modeling web application: a case studyThreat modeling web application: a case study
Threat modeling web application: a case study
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoT
 

Similar to Threat Modeling for System Builders and System Breakers - Dan Cornell of Denim Group's Presentation for Los Alamos National Labs

Implementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentorImplementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentortmbainjr131
 
How is Your AppSec Program Doing Compared to Others
How is Your AppSec Program Doing Compared to OthersHow is Your AppSec Program Doing Compared to Others
How is Your AppSec Program Doing Compared to OthersDenim Group
 
Application Security Done Right
Application Security Done RightApplication Security Done Right
Application Security Done Rightpvanwoud
 
Running a Software Security Program with Open Source Tools
Running a Software Security Program with Open Source ToolsRunning a Software Security Program with Open Source Tools
Running a Software Security Program with Open Source ToolsDenim Group
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Threat modelling(system + enterprise)
Threat modelling(system + enterprise)Threat modelling(system + enterprise)
Threat modelling(system + enterprise)abhimanyubhogwan
 
The Permanent Campaign
The Permanent CampaignThe Permanent Campaign
The Permanent CampaignDenim Group
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
Skeletons in the Closet: Securing Inherited Applications
Skeletons in the Closet: Securing Inherited ApplicationsSkeletons in the Closet: Securing Inherited Applications
Skeletons in the Closet: Securing Inherited ApplicationsDenim Group
 
Securing Web Applications
Securing Web ApplicationsSecuring Web Applications
Securing Web ApplicationsMark Garratt
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 

Similar to Threat Modeling for System Builders and System Breakers - Dan Cornell of Denim Group's Presentation for Los Alamos National Labs (20)

Implementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentorImplementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentor
 
How is Your AppSec Program Doing Compared to Others
How is Your AppSec Program Doing Compared to OthersHow is Your AppSec Program Doing Compared to Others
How is Your AppSec Program Doing Compared to Others
 
Web Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN TestingWeb Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN Testing
 
Application Security Done Right
Application Security Done RightApplication Security Done Right
Application Security Done Right
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat Modeling
 
Securing your Cloud Deployment
Securing your Cloud DeploymentSecuring your Cloud Deployment
Securing your Cloud Deployment
 
Running a Software Security Program with Open Source Tools
Running a Software Security Program with Open Source ToolsRunning a Software Security Program with Open Source Tools
Running a Software Security Program with Open Source Tools
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
Threat modelling(system + enterprise)
Threat modelling(system + enterprise)Threat modelling(system + enterprise)
Threat modelling(system + enterprise)
 
The Permanent Campaign
The Permanent CampaignThe Permanent Campaign
The Permanent Campaign
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
Skeletons in the Closet: Securing Inherited Applications
Skeletons in the Closet: Securing Inherited ApplicationsSkeletons in the Closet: Securing Inherited Applications
Skeletons in the Closet: Securing Inherited Applications
 
Securing Web Applications
Securing Web ApplicationsSecuring Web Applications
Securing Web Applications
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 

More from Denim Group

Long-term Impact of Log4J
Long-term Impact of Log4JLong-term Impact of Log4J
Long-term Impact of Log4JDenim Group
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleOptimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleDenim Group
 
Application Asset Management with ThreadFix
Application Asset Management with ThreadFix Application Asset Management with ThreadFix
Application Asset Management with ThreadFixDenim Group
 
OWASP San Antonio Meeting 10/2/20
OWASP San Antonio Meeting 10/2/20OWASP San Antonio Meeting 10/2/20
OWASP San Antonio Meeting 10/2/20Denim Group
 
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramAppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramDenim Group
 
Using Collaboration to Make Application Vulnerability Management a Team Sport
Using Collaboration to Make Application Vulnerability Management a Team SportUsing Collaboration to Make Application Vulnerability Management a Team Sport
Using Collaboration to Make Application Vulnerability Management a Team SportDenim Group
 
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...Denim Group
 
Security Champions: Pushing Security Expertise to the Edges of Your Organization
Security Champions: Pushing Security Expertise to the Edges of Your OrganizationSecurity Champions: Pushing Security Expertise to the Edges of Your Organization
Security Champions: Pushing Security Expertise to the Edges of Your OrganizationDenim Group
 
The As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsThe As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsDenim Group
 
An Updated Take: Threat Modeling for IoT Systems
An Updated Take: Threat Modeling for IoT SystemsAn Updated Take: Threat Modeling for IoT Systems
An Updated Take: Threat Modeling for IoT SystemsDenim Group
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Denim Group
 
A New View of Your Application Security Program with Snyk and ThreadFix
A New View of Your Application Security Program with Snyk and ThreadFixA New View of Your Application Security Program with Snyk and ThreadFix
A New View of Your Application Security Program with Snyk and ThreadFixDenim Group
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Denim Group
 
AppSec in a World of Digital Transformation
AppSec in a World of Digital TransformationAppSec in a World of Digital Transformation
AppSec in a World of Digital TransformationDenim Group
 
The As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsThe As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsDenim Group
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Denim Group
 
AppSec in a World of Digital Transformation
AppSec in a World of Digital Transformation AppSec in a World of Digital Transformation
AppSec in a World of Digital TransformationDenim Group
 
Enumerating Enterprise Attack Surface
Enumerating Enterprise Attack SurfaceEnumerating Enterprise Attack Surface
Enumerating Enterprise Attack SurfaceDenim Group
 

More from Denim Group (20)

Long-term Impact of Log4J
Long-term Impact of Log4JLong-term Impact of Log4J
Long-term Impact of Log4J
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleOptimizing Security Velocity in Your DevSecOps Pipeline at Scale
Optimizing Security Velocity in Your DevSecOps Pipeline at Scale
 
Application Asset Management with ThreadFix
Application Asset Management with ThreadFix Application Asset Management with ThreadFix
Application Asset Management with ThreadFix
 
OWASP San Antonio Meeting 10/2/20
OWASP San Antonio Meeting 10/2/20OWASP San Antonio Meeting 10/2/20
OWASP San Antonio Meeting 10/2/20
 
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramAppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
 
Using Collaboration to Make Application Vulnerability Management a Team Sport
Using Collaboration to Make Application Vulnerability Management a Team SportUsing Collaboration to Make Application Vulnerability Management a Team Sport
Using Collaboration to Make Application Vulnerability Management a Team Sport
 
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
 
Security Champions: Pushing Security Expertise to the Edges of Your Organization
Security Champions: Pushing Security Expertise to the Edges of Your OrganizationSecurity Champions: Pushing Security Expertise to the Edges of Your Organization
Security Champions: Pushing Security Expertise to the Edges of Your Organization
 
The As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsThe As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native Applications
 
An Updated Take: Threat Modeling for IoT Systems
An Updated Take: Threat Modeling for IoT SystemsAn Updated Take: Threat Modeling for IoT Systems
An Updated Take: Threat Modeling for IoT Systems
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
 
A New View of Your Application Security Program with Snyk and ThreadFix
A New View of Your Application Security Program with Snyk and ThreadFixA New View of Your Application Security Program with Snyk and ThreadFix
A New View of Your Application Security Program with Snyk and ThreadFix
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
AppSec in a World of Digital Transformation
AppSec in a World of Digital TransformationAppSec in a World of Digital Transformation
AppSec in a World of Digital Transformation
 
The As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native ApplicationsThe As, Bs, and Four Cs of Testing Cloud-Native Applications
The As, Bs, and Four Cs of Testing Cloud-Native Applications
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
AppSec in a World of Digital Transformation
AppSec in a World of Digital Transformation AppSec in a World of Digital Transformation
AppSec in a World of Digital Transformation
 
Enumerating Enterprise Attack Surface
Enumerating Enterprise Attack SurfaceEnumerating Enterprise Attack Surface
Enumerating Enterprise Attack Surface
 

Recently uploaded

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 

Recently uploaded (20)

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 

Threat Modeling for System Builders and System Breakers - Dan Cornell of Denim Group's Presentation for Los Alamos National Labs

  • 1. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling for System Builders and System Breakers! ! Dan Cornell! @danielcornell
  • 2. © Copyright 2014 Denim Group - All Rights Reserved 2 Dan Cornell •  Dan Cornell, founder and CTO of Denim Group •  Software developer by background (Java, .NET, etc) •  OWASP San Antonio •  15 years experience in software architecture, development and security •  Heads Denim Group’s application security team
  • 3. © Copyright 2014 Denim Group - All Rights Reserved Denim Group Background •  Professional services firm that builds & secures enterprise applications –  External application assessments •  Web, mobile, and cloud –  Software development lifecycle development (SDLC) consulting •  Classroom and e-Learning for PCI compliance •  Secure development services: –  Secure .NET and Java application development –  Post-assessment remediation •  Deep penetration in Energy, Financial Services, Banking, Insurance, Healthcare and Defense market sectors •  Customer base spans Fortune 500 •  Contributes to industry best practices through the Open Web Application Security Project (OWASP) 3
  • 4. © Copyright 2014 Denim Group - All Rights Reserved Agenda •  The Goals of Threat Modeling •  Understanding Threats and Risk •  Threat Modeling Activities –  Business –  Architectural –  Functional –  Threat Trees –  Rating Threats –  Countermeasures •  Effective Threat Modeling •  Threat Modeling Scenarios
  • 5. © Copyright 2014 Denim Group - All Rights Reserved The Goals of Threat Modeling
  • 6. © Copyright 2014 Denim Group - All Rights Reserved The Goals of Threat Modeling •  Take note we are discussing the goals, not the definition of threat modeling •  Definitions of a Threat Model differ –  A general list of security concerns for a given product –  A set of possible application attack scenarios to consider –  Structured way to look at systems and identify potential security issues –  A set of attacker profiles, with attacker goals and competencies •  These definitions are fine as definitions, but are not immediately actionable •  A threat model is difficult to define well because it does not fit a strict hierarchy or taxonomy •  We CAN identify the value in it
  • 7. © Copyright 2014 Denim Group - All Rights Reserved What Do We Want to Accomplish? •  Stay “ahead” of potential vulnerabilities •  Bring the application as planned or built in-line with security objectives •  Empower security verification activities •  Account for remediation and mitigation of problems as early as possible •  The earlier in the development / procurement process, the better –  The types of issues it identifies can be expensive to address after the fact.
  • 8. © Copyright 2014 Denim Group - All Rights Reserved What Do We Want to Accomplish? •  In assessments –  Organize relevant observations about an application’s architecture, unique features, and functional security –  Attack planning for tests and review beyond the “baseline” •  In development –  Predict and account for threats to the application’s unique architecture and features –  Estimate probability of a true exploit (DREAD) –  If functional security is not defined elsewhere, define it here •  AuthX •  Input validation •  Data protection •  etc. –  Justify the expense of countermeasures
  • 9. © Copyright 2014 Denim Group - All Rights Reserved How Can a Threat Model Support These Goals? •  Clearly identify the stakes –  What sensitive assets does the application handle? –  Who are the threat agents? •  Identify architecture and design-level issues –  Data Flow –  Business Logic •  Collate functional security solutions –  What is your authentication solution? Validation? Data protection? •  Threat Modeling must support your goals, not the other way around
  • 10. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk
  • 11. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  High-Level attack vectors –  Defeating a security mechanism –  Abusing an application feature –  Exploiting the insufficient security or poor implementation •  Remember, your application is part of a larger system •  Why is this important?
  • 12. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What can seem like a simple application at first glance…
  • 13. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Can quickly explode in complexity upon closer examination
  • 14. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Try not to decide the scope of an architecture review or security assessment before thinking of the big picture •  The weakest point in a system may not be what you think •  With the right information on- hand, discovering vulnerabilities can be a simple matter of Q&A
  • 15. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  We have seen the risks to poor functional security…
  • 16. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What about the unique features of our application?
  • 17. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  Technology should not abstract business processes, but aid their efficient handling •  Application logic should not completely circumvent normal accountability
  • 18. © Copyright 2014 Denim Group - All Rights Reserved Understanding Threats and Risk •  What about functional security? •  You don’t need to be proficient with a particular technology to evaluate a security solution –  Is it adequate? –  Do operational processes support it? –  Is the solution an established, tested one or custom-mad1e? 1.  Security Architecture 2.  Authentication 3.  Session Management 4.  Access Control 5.  Input Validation 6.  Output Encoding/Escaping 7.  Cryptography 8.  Error Handling and Logging 9.  Data Protection 10.  Communication Security 11.  HTTP Security 12.  Security Configuration 13.  Malicious Code Search 14.  Internal Security
  • 19. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities
  • 20. © Copyright 2014 Denim Group - All Rights Reserved The Threat Modeling Process •  Let us take a clear look at what goes in and comes out of the process –  Business Logic –  Architecture –  Functional Security –  Attacker’s Perspective
  • 21. © Copyright 2014 Denim Group - All Rights Reserved Threat Model Inputs and Outputs •  Business –  Application requirements, enterprise security strategy in –  Assets, Agents, Abuse cases out •  Architectural –  Application architecture and design in –  Application data flow threats out •  Functional –  Implementation standards or application source in –  Functional security threats out •  Threat Trees –  Attack surface and attacker profiles in –  Threat trees out
  • 22. © Copyright 2014 Denim Group - All Rights Reserved Approaches for Identifying Threats •  Use Cases for Business –  Useful for identifying flaws with specific application features •  Data Flow for Architecture –  What threats can we identify looking at the application’s data flow? –  The whole system’s data stores, services, processes, etc. –  The interaction among those components •  Functional Security –  Here are the security features. How could an attacker defeat them? •  Attacker’s Goals for Threat Trees –  If you are an attacker, what would you want to accomplish? –  How would you go about achieving the malicious goal? –  Useful for identifying any erroneous security assumptions •  No one approach is perfect – these are essentially brain storming techniques
  • 23. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Business
  • 24. © Copyright 2014 Denim Group - All Rights Reserved Threat Model Business Inputs and Outputs •  When can we do this? –  Any time the application is conceived •  Business Inputs –  Requirements, Use Cases, other requirements-related documentation –  Compliance, regulations, other strategic goals •  Business Outputs –  Business Assets –  Threat Agents –  Abuse Cases •  What have we accomplished? –  Data to scope future assessment efforts –  Abuse scenarios for targeted security testing
  • 25. © Copyright 2014 Denim Group - All Rights Reserved Identifying Threats through Abuse Cases •  This is where we catch potential flaws in business logic, customer support •  Look over each application use case –  What functionality fulfills that use case? –  How would an attacker attempt to abuse that functionality? •  If a use-case accounts for a user requesting a document, then the abuse case would account for a request to a document that they are not allowed to see or one that doesn't exist •  If a use-case accounts for a privileged user approving a transaction, then the abuse case would account for a lower-level user attempting to force approval for the transaction
  • 26. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Architectural
  • 27. © Copyright 2014 Denim Group - All Rights Reserved Architectural Threats •  When can we do this? –  When the application architecture has been conceived –  It does not need to be final •  What do we make? –  A Data Flow Diagram •  We are going to do it in the Microsoft style –  Why? This is a good fit for many different types of systems
  • 28. © Copyright 2014 Denim Group - All Rights Reserved Creating Data Flow Diagrams (DFDs) •  Decompose the system into a series of processes and data flows •  Explicitly identify trust boundaries
  • 29. © Copyright 2014 Denim Group - All Rights Reserved Example Data Flow Diagram
  • 30. © Copyright 2014 Denim Group - All Rights Reserved Deriving Threats from the Data Flow
  • 31. © Copyright 2014 Denim Group - All Rights Reserved Data-Flow Based Threats •  This is where a Threat Model is uniquely beneficial •  Identify potential issues in a structured, repeatable manner •  Looking at asset types in the context of STRIDE
  • 32. © Copyright 2014 Denim Group - All Rights Reserved Identifying Threats from the Data Flow •  STRIDE is expansion of the common CIA threat types –  Confidentiality –  Integrity –  Availability •  STRIDE –  Spoofing Identity –  Tampering with Data –  Repudiation –  Information Disclosure –  Denial of Service –  Elevation of Privilege 32
  • 33. © Copyright 2014 Denim Group - All Rights Reserved Asset Types
  • 34. © Copyright 2014 Denim Group - All Rights Reserved Mapping Threats to Data Flow Asset Types Threat  Type   External   Interactor   Process   Data  Flow   Data  Store   S  –  Spoofing   Yes   Yes   T  –  Tampering   Yes   Yes   Yes   R  –  Repudia4on   Yes   Yes   Yes   I  –  Informa4on  Disclosure   Yes   Yes   Yes   D  –  Denial  of  Service   Yes   Yes   Yes   E  –  Eleva4on  of  Privilege   Yes   34
  • 35. © Copyright 2014 Denim Group - All Rights Reserved Spoofing: External Interactors
  • 36. © Copyright 2014 Denim Group - All Rights Reserved Spoofing: Remote Applications
  • 37. © Copyright 2014 Denim Group - All Rights Reserved Tampering: Data Stores
  • 38. © Copyright 2014 Denim Group - All Rights Reserved Tampering: Applications
  • 39. © Copyright 2014 Denim Group - All Rights Reserved Repudiation •  What data reflects business transactions? –  Logs? –  Database? –  Other intermediate files? –  External entities? •  Is this data adequate? –  Safeguard against fraud? –  Incident response?
  • 40. © Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Data Stores
  • 41. © Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Transport Layer
  • 42. © Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Technical and Operations
  • 43. © Copyright 2014 Denim Group - All Rights Reserved Information Disclosure: Identified Data Assets •  What are the touch points for sensitive data? –  Data Stores? –  Applications? –  Transport Layer? •  How do these entities handle the data? –  In memory? –  At rest?
  • 44. © Copyright 2014 Denim Group - All Rights Reserved Denial of Service
  • 45. © Copyright 2014 Denim Group - All Rights Reserved Elevation of Privilege •  What entities manage privileges? –  Apps manage feature/data access –  Apps maintain credentials –  Network trusts app –  Batch processes access file system –  Batch processes maintain credentials •  Are these privileges sound? –  Too permissive? –  Prone to disclosure? –  Poor operational management?
  • 46. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Functional
  • 47. © Copyright 2014 Denim Group - All Rights Reserved Functional Security Threats •  When can we do this? –  The team uses coding standards –  The application is released or well into development •  Functional Inputs –  Technology Stack –  Implementation Standards •  Functional Outputs
  • 48. © Copyright 2014 Denim Group - All Rights Reserved Functional Security •  Even organizations that track functional security do not often have it collated –  Authentication –  Session Management –  Input Validation –  Data Protection –  Error Handling –  Etc. –  I may or may not know what your coding standards are, but I want to know how you actually implement them •  Abuse cases for each domain of functional security –  How would an attacker look for gaps? –  How could the mechanism be abused or circumvented? •  This does go over a lot of the assessment “baseline”, but the value is in having it together
  • 49. © Copyright 2014 Denim Group - All Rights Reserved Functional Security Taxonomy 1.  Security Architecture 2.  Authentication 3.  Session Management 4.  Access Control 5.  Input Validation 6.  Output Encoding/Escaping 7.  Cryptography 8.  Error Handling and Logging 9.  Data Protection 10.  Communication Security 11.  HTTP Security 12.  Security Configuration 13.  Malicious Code Search 14.  Internal Security One important item NOT in ASVS •  Least Privilege The OWASP Application Security Verification Standard is a good fit for this
  • 50. © Copyright 2014 Denim Group - All Rights Reserved Threat Modeling Activities: Countermeasures
  • 51. © Copyright 2014 Denim Group - All Rights Reserved Countermeasures •  Do nothing •  Remove the feature •  Turn off the feature •  Warn the user •  Counter the threat with Operations –  Accountability –  Separation of Duties •  Counter the threat with Technology –  Change in Design –  Change in Implementation •  There is no “catch all” countermeasure
  • 52. © Copyright 2014 Denim Group - All Rights Reserved Generic Mobile Application Threat Model 52
  • 53. © Copyright 2014 Denim Group - All Rights Reserved 53 Questions / Contact Information Dan Cornell Principal and CTO dan@denimgroup.com Twitter @danielcornell (210) 572-4400 www.denimgroup.com blog.denimgroup.com