Threat Modeling: Security Development Lifecycle

1. Threat Modeling:Security Development Lifecycle Tyrell Flurry Jeff Thomas Akhil Oniha

2. What is Threat Modeling? • An engineering technique used to aid in the identification of assets, vulnerabilities, threats, attacks and countermeasures for a given system or software. Threat modeling helps to: • Identify security objectives. • Identify threats. • Identify vulnerabilities and countermeasures

3. Why Microsoft SDL? • Threat modeling is a complex task that few individuals can properly execute • Software architects are generally more concerned with operation and performance than security • Microsoft SDL transforms threat modeling into an activity that any software architect can perform effectively

4. How Does Microsoft SDL work? • Microsoft based application must be used on Microsoft OS and requires Microsoft Visio for diagramming system • Step 1: Diagram/whiteboard system • Step 2: Identify Threats (STRIDE approach) • Step 3: Identify Mitigation Strategies • Step 4: Validate system and repeat

5. Our Approach • Utilize the Microsoft SDL to analyze the threats faced by a fictitious bank’s online banking application. • Whiteboard system Level 0 DFD • Utilize Microsoft SDL to identify threats that face each component/element of the DFD • Establish appropriate mitigation strategies