Welcome to the fourth and final episode of the AppSec Decoded series covering the recent Synopsys white paper on threat modeling, “Threat Modeling, Decoded.” Threat modeling is a key foundational step in creating an efficient and effective cybersecurity program, and it requires organizations to document the digital assets they need to protect and how attackers are likely to attempt to compromise it.
The threat modeling process, which includes five steps—scoping, data gathering, system modeling, attack modeling, and risk analysis—can be adapted to meet the needs of an organization. Chris Cummings, principal consultant at Synopsys and coauthor of that white paper, has noted (with his fellow coauthors) that threat modeling needs to address “the whole tangle of hardware, software, network interfaces, cloud services, legacy systems, etc. that interact together.”
In three previous episodes, Cummings and Taylor Armerding, security advocate at Synopsys, discussed scoping and data gathering, the system model, and the attack model. In this final conversation, they focus on Step 5—the risk analysis—which builds on the previous four steps to help evaluate two attributes of a threat: likelihood and potential impact.