Categories
AI Behavioral Targeting

Guide to Creating a System Model in Threat Modeling [Video]

Threat modeling is just what the name implies. It requires asking relevant questions: Who is likely to attack us? What do they want? How are they likely to try to do it?

Answers to those and other questions can help an organization create a model that will help it mitigate those likely threats and set priorities for what assets are the most important to protect.

There is general agreement in the cybersecurity industry on the five necessary steps to create a useful threat model. They are scoping, data gathering, system model, attack model, and risk analysis. But different providers offer different methodologies to complete those steps.

Chris Cummings, principal consultant at Black Duck, is coauthor of a recent white paper, “Threat Modeling, Decoded,” designed to help security teams address those threats more intentionally and efficiently, and provide the most protection for what they value most.

In a previous AppSec Decoded …

Watch/Read More