SI Secure
SI Application Testing


Threat Analysis

"Experience shows that nearly 50% of security flaws will be discovered from Threat Modeling because it finds different threats than those found through code review"
 

-Michael Howard, author of "Writing Secure Code" and Security Program Manager, Microsoft

Threat Analysis Overview

Threat Analysis is a key and often underappreciated security analysis technique that Development, IT and Management teams use to identify critical risks and make better security decisions. Whether performed on an existing application or throughout the software development lifecycle, Threat Analysis is an essential component of risk management because it helps quantify and visualize the otherwise intangible threats that an application carries. This knowledge allows security teams to quantify the potential impact of each threat’s exploitation and ultimately prioritize their mitigation based on the measured exposure and related costs.

Threat modeling is the starting point in creating, deploying and maintaining secure software applications and offers the following benefits:
 

Fast and practical - allows for many applications to be analyzed in a short period of time
Exposes REAL threats, not hypothetical or potential threats (very few or no false positives)
Maps to design decisions, implementation guidelines, testing activities and risk mitigation
Produces a persistent and tangible asset that can be leveraged when new risks are uncovered

Security Innovation offers an in-depth Threat Modeling Service as well as a fixed-cost, fixed-duration Rapid Threat Modeling Service (more below).

Rapid Threat Modeling

This turn-key service gives organizations that are unclear about their application security risk the opportunity to understand it quickly and to decide whether to dive deeper into the problem and/or immediately take appropriate risk mitigation steps. The fixed-duration service leverages Security Innovation’s cutting-edge threat modeling techniques to identify and quantify the attack surface of an application and provides guidance for addressing any security vulnerabilities.

During the three (3) day engagement, Security Innovation threat model engineers analyze the application and its environment and generate a complete business-level threat model and as many deep threat vectors as possible. The finished threat model includes the following key items:

Software assets that are most at risk and require protection
Most likely threats to those at-risk assets
Specific malicious attacks that could be used to realize those threats
Design, implementation & deployment conditions under which the attacks would be successful
Mitigations or additional testing that must be conducted to reduce the identified threats or prove/disprove their existence

The knowledge gained from a Rapid Threat Model may be used to determine the next steps for your application's lifecycle, including deeper threat modeling and/or assessment, rebuilding or redeploying, replacing it with another vendor’s application, or taking it out of service completely.


Rapid Threat Modeling is ideal for:

Managers who need to quickly understand high-level security threats to their information systems
IT departments that need to address immediate risk and plan for future deployments
Application development teams looking to mitigate risk in their applications prior to deployment
Small to Large Enterprises that have not yet conducted an application-level risk analysis

Pricing & Support
The cost for this fixed-duration program (3 days) is US$9,500 and includes:

The Threat Model. The depth of the model is determined by the size of the application being assessed. Larger applications will focus on business-level threats and a few attack vectors; smaller applications will go into more detail on the attack vectors.
Threat Model Presentation. The threat model is presented to the customer and includes a Q&A session to describe the model, its components and mitigation recommendations.

Should you wish to extend the engagement and have Security Innovation develop a deeper, more detailed Threat Model, you may purchase additional hours.

Threat Modeling: The Art of Identifying & Mitigating Risk
 
