wwwTASK.to © Toronto Area Security Klatch 2007
Threat Modeling With STRIDE and DREAD
Chuck Ben-Tzur, Security Consultant, Sentry Metrics
March 27, 2007

(Application) Threat Modeling
- A process to identify threats to the system and the associated risks, and to determine the correct controls to produce effective countermeasures.
- The output is a list of rated threats. The threat model helps you focus on the most potent threats.
- Aimed to be used at the design phase of a system. However, it is usually implemented at the testing phase (vulnerability assessment).
- Not only for web applications. It can be (and should be...) applied to different types of systems (e.g. networks).

Threat Modeling (cont.)
The threat modeling process (introduced by Microsoft around 2002):
1. Identify assets
2. Create an architecture overview (subsystems, trust boundaries, data flow)
3. Decompose the application (build a security profile)
4. Identify the threats (STRIDE)
5. Document the threats
6. Rate the threats (DREAD)

STRIDE
A methodology for identifying and categorizing threats:
- S: Spoofing identity
- T: Tampering with data
- R: Repudiation
- I: Information disclosure
- D: Denial of service
- E: Elevation of privileges

- "Business" oriented: easier for non-technical persons to relate to
- Expands (and can replace) the "map by mechanisms and subsystems" approach
- Can also be used to identify threats (e.g. as a pen. test checklist)

DREAD
A methodology for risk rating. Each vulnerability is graded in all of the following categories:
- D: Damage potential (0: leaking trivial info, 5: sensitive data, 10: admin level)
- R: Reproducibility (0: very difficult to reproduce, 5: three steps, 10: web browser)
- E: Exploitability (0: very skilled attacker, 5: can be automated, 10: novice programmer)
- A: Affected users (0: few users, 5: some users, 10: all users)
- D: Discoverability (0: unlikely, 5: accessible only to a few users, 10: published)

The overall risk rating formula: Rating = (D + R + E + A + D) / 5

Threat                                                                 D   R   E   A   D   Rate
Attacker obtains authentication credentials by monitoring the network                      High
SQL commands injected into application                                 10 59                High
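The STRIDE and DREAD slides above describe the two halves of the rated threat list: each threat is filed under one STRIDE category, scored on the five 0/5/10 DREAD anchors, and averaged. The following is an added example, not code from the TASK presentation, showing a minimal threat register that does exactly that. The two threat descriptions are taken from the slide's table, but every numeric score is constructed for illustration (the slide's own scores are not legible in the transcript), the third threat is invented, and the Low/Medium/High banding thresholds are an assumption of this example rather than part of the talk.

```python
"""Added example (not from the TASK slides): a minimal STRIDE + DREAD threat
register.  Scores follow the 0 / 5 / 10 anchors on the DREAD slide.  The two
threats that reuse the slide's wording carry constructed scores, and the
Low/Medium/High bands are an assumption of this example, not the presenter's."""
from dataclasses import dataclass
from enum import Enum


class Stride(Enum):
    """The six STRIDE threat categories."""
    SPOOFING = "Spoofing identity"
    TAMPERING = "Tampering with data"
    REPUDIATION = "Repudiation"
    INFORMATION_DISCLOSURE = "Information disclosure"
    DENIAL_OF_SERVICE = "Denial of service"
    ELEVATION_OF_PRIVILEGE = "Elevation of privileges"


DREAD_FIELDS = ("damage", "reproducibility", "exploitability",
                "affected_users", "discoverability")


@dataclass(frozen=True)
class Threat:
    description: str
    category: Stride
    damage: int            # 0 trivial info leak, 5 sensitive data, 10 admin level
    reproducibility: int   # 0 very hard, 5 a few steps, 10 just a web browser
    exploitability: int    # 0 very skilled attacker, 5 automatable, 10 novice
    affected_users: int    # 0 few, 5 some, 10 all users
    discoverability: int   # 0 unlikely found, 5 few users can see it, 10 published

    def __post_init__(self) -> None:
        # Reject scores outside the slide's 0..10 scale so a typo cannot
        # silently inflate or deflate a rating.
        for name in DREAD_FIELDS:
            value = getattr(self, name)
            if not 0 <= value <= 10:
                raise ValueError(f"{name} must be in 0..10, got {value}")

    def dread_rating(self) -> float:
        """Rating = (D + R + E + A + D) / 5, as on the DREAD slide."""
        return sum(getattr(self, f) for f in DREAD_FIELDS) / len(DREAD_FIELDS)


def risk_band(rating: float) -> str:
    """Assumed banding (not from the slides): >= 7 High, >= 4 Medium, else Low."""
    if rating >= 7:
        return "High"
    if rating >= 4:
        return "Medium"
    return "Low"


def rate_threats(threats):
    """Return (threat, rating, band) tuples, highest risk first: the
    'list of rated threats' the threat model is meant to produce."""
    rated = [(t, t.dread_rating(), risk_band(t.dread_rating())) for t in threats]
    return sorted(rated, key=lambda r: r[1], reverse=True)


# Constructed sample register.  The first two descriptions mirror the slide's
# table; all numeric scores are illustrative, not the presenter's.
SAMPLE_THREATS = [
    Threat("Attacker obtains authentication credentials by monitoring the network",
           Stride.INFORMATION_DISCLOSURE, damage=10, reproducibility=5,
           exploitability=5, affected_users=10, discoverability=5),
    Threat("SQL commands injected into application",
           Stride.TAMPERING, damage=10, reproducibility=10,
           exploitability=5, affected_users=10, discoverability=10),
    Threat("Verbose error page reveals framework version",
           Stride.INFORMATION_DISCLOSURE, damage=0, reproducibility=10,
           exploitability=10, affected_users=0, discoverability=10),
]

if __name__ == "__main__":
    for threat, rating, band in rate_threats(SAMPLE_THREATS):
        print(f"{rating:4.1f} {band:6} {threat.category.value:24} {threat.description}")
```

Running the block prints the register sorted by rating (9.0 High, 7.0 High, 6.0 Medium for the constructed scores). Keeping the anchors as comments on the dataclass fields is deliberate: DREAD scoring is only as consistent as the people applying it, so the scale should sit next to the numbers rather than in a separate document.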

DREAD (cont.)

The OCTAVE Option
Operationally Critical Threat, Asset and Vulnerability Evaluation
- Risk-based strategic assessment and planning technique for security
- Key differences:
  - Organization focused (as opposed to system)
  - Security practices (not technology specific)
  - Strategic issues (not relating to tactical aspects)
  - Self direction (security experts)
- Flexible: can be tailored for small and large organizations
- Focuses on the design and strategic planning of the organization
- Input is from both internal business and technical resources
- Not suitable for ad-hoc vulnerability assessments

Resources
- Threat Modeling: Microsoft Threat Analysis & Modeling v b7d &displaylang=en
- Octave
- Good book on the subject: Threat Modeling (Microsoft Professional)