Threat Modeling Flashcards
STRIDE
Spoofing - you can also use Spoofing more loosely during STRIDE threat modeling to classify threats related to users and access rights.
Tampering - You can also use Tampering more loosely during STRIDE threat modeling to classify threats related to the security of data.
Repudiation - Repudiation relates to the ability to prove or disprove that an action or activity was performed by a specific user (or not). Repudiation is thus a type of threat whereby an attacker denies having performed a malicious action.
Information Disclosure - Information Disclosure is a type of threat whereby the attacker gains access to information that should be confidential or secret
Denial of Service - Denial of Service is a type of threat whereby an attacker will prevent a system (or application) from working for valid users.
Elevation of Privilege - Elevation of Privilege is a type of threat whereby an attacker will elevate their current level of access privilege.
Threat Modeling Process
https://owasp.org/www-community/Threat_Modeling_Process
Security Architecture Review
- [ ] Define Requirements
- [ ] Security requirements
- [ ] Compliance
- [ ] Data regulation laws - per country
- [ ] Who has access to the data?
- [ ] Support?
- [ ] Who has access to the data?
- [ ] What are the users of this service
- [ ] Maximize isolation
- [ ] Secret Management (vault, encryption, etc)
- [ ] Key rotation
- [ ] Authentication between services
- [ ] Authorization between services
- [ ] Certificates
- [ ] Logging - audibility
- [ ] Feeding into DNR systems
- [ ] DoS protection
- [ ] Limits
- [ ] Least Privilege
- [ ] What happens if part of the system is down?
- [ ] Can the system be used to attack another system?
- [ ] Does anything else live in the same environment as the new system?
- [ ] Minimize attack surface
- [ ] Defense in depth
- [ ] Encryption at rest and in transit
- [ ] Anything Open Source?
- [ ] Has everything gone through a security vendor review?
