When reviewing the security posture of any application or system, it is important to consider the threats that the system is exposed to. This is where threat modelling comes in. Threat modelling is a process of identifying, quantifying and prioritising threats to a system. It is a structured approach to identifying and evaluating potential threats and vulnerabilities. It is a proactive approach to security and helps to identify threats early in the development lifecycle.
A good threat model can help answer the following questions:
STRIDE
is a powerful security threat modeling approach developed by Microsoft. It helps developers and architects identify and mitigate potential security vulnerabilities in software applications.
• STRIDE stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. • It’s a mnemonic that helps remember the primary threat categories.
Spoofing: Identity theft or impersonation attacks
Tampering: Unauthorized modification of data or code
Repudiation: Disputing the authenticity of an action or transaction
Information Disclosure: Unauthorized access to sensitive data
Denial of Service (DoS): Disruption of services or system availability
Elevation of Privilege: Gaining unauthorized privileges to perform restricted actions