Umut IŞIK
Threat Modelling
With a sample application
Table Of Contents
1. Threat Modelling
2. Sample Application
3. Threat Model Of The Application
4. Resources
1. Threat Modelling
An approach for analyzing the security of an application
Security?
▪ protect applications from external threats
▪ protect data integrity
▪ protect service
Vocabulary
▪ Asset: A resource of value, such as the data in a database.
▪ Threat: Anything that can exploit a vulnerability and obtain, damage, or destroy an asset.
▪ Vulnerability: A weakness or gap in a security program that can be exploited by threats to gain unauthorized access to an asset.
▪ Attack (or exploit): An action taken to harm an asset.
▪ Countermeasure: A safeguard that addresses a threat and mitigates risk.
The model can be decomposed into three steps
1. Decompose the application
2. Determine and rank threats
3. Determine countermeasures and mitigation
1.1. Decompose the application
Understanding of the application
▪ External Dependencies
▪ Entry points: sources of input to your application
▪ Assets
▪ Roles: sets of privileges, trust levels
1.2. Determine and rank threats
Categorization of threats (by attacker's goal)
▪ Spoofing: Illegal access
▪ Tampering: Maliciously add/modify persistent data
▪ Repudiation:
▪ Information Disclosure: Read data that was not granted
▪ Denial of Service: Make service unavailable
▪ Elevation of Privilege: Gain privileged access
Threats should be ranked according to risk (1-10)
(D + R + E + A + D)/5
▪ Damage;
▪ Reproducibility;
▪ Exploitability;
▪ Affected Users;
▪ Discoverability;
What is risk?
Risk = Likelihood X Impact
Likelihood is the probability and possibility of the attack.
1. Can an attacker carry out the attack remotely?
2. Is authentication required?
3. Can it be automated?
Impact is the potential damage and the extent of the damage.
Can the attacker
1. take over the system completely?
2. gain administrative access to the system?
3. crash the system?
4. access sensitive information?

1. How many data sources and components can be impacted?
2. How deep can the threat agent go?
1.3. Determine countermeasures and mitigation
Security Controls
| Type | Security Control |
|---|---|
| Spoofing | Authentication, protect secrets, don't store secrets |
| Tampering | Integrity, hash, digital signature, tamper-resistant protocols |
| Repudiation | Non-repudiation, digital signature |
| Information Disclosure | Confidentiality, privacy-enhanced protocols, encryption, protect secrets, don't store secrets |
| Denial of Service | Authentication, authorization, filtering, throttling, quality of service |
| Elevation of Privilege | Authorization, least privilege |
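A threat register that applies the (D + R + E + A + D)/5 ranking and the control table above, added here as an illustration and not part of the original deck. The three threats are the ones from section 3.2; their STRIDE types, the component scores (constructed so that they reproduce the deck's ranks of 8, 8 and 9) and the tie-break rule are assumptions.

```python
from dataclasses import dataclass

# STRIDE type -> candidate controls, copied from the table above.
CONTROLS = {
    "Spoofing": ["authentication", "protect secrets", "don't store secrets"],
    "Tampering": ["integrity", "hash", "digital signature", "tamper-resistant protocols"],
    "Repudiation": ["non-repudiation", "digital signature"],
    "Information Disclosure": ["confidentiality", "privacy-enhanced protocols", "encryption",
                               "protect secrets", "don't store secrets"],
    "Denial of Service": ["authentication", "authorization", "filtering", "throttling",
                          "quality of service"],
    "Elevation of Privilege": ["authorization", "least privilege"],
}

DREAD_FIELDS = ("damage", "reproducibility", "exploitability",
                "affected_users", "discoverability")


@dataclass(frozen=True)
class Threat:
    ident: str
    title: str
    stride: tuple  # one or more STRIDE types (assigned by the modeller)
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self):
        # Reject scores outside the 1-10 scale and STRIDE types not in the table.
        for name in DREAD_FIELDS:
            value = getattr(self, name)
            if not isinstance(value, int) or not 1 <= value <= 10:
                raise ValueError(f"{self.ident}: {name} must be an integer 1-10, got {value!r}")
        unknown = [s for s in self.stride if s not in CONTROLS]
        if unknown:
            raise ValueError(f"{self.ident}: unknown STRIDE type(s) {unknown}")

    @property
    def rank(self):
        """(D + R + E + A + D) / 5."""
        return sum(getattr(self, name) for name in DREAD_FIELDS) / 5

    def controls(self):
        """Union of the table's controls for every STRIDE type, order preserved."""
        seen = []
        for stride_type in self.stride:
            for control in CONTROLS[stride_type]:
                if control not in seen:
                    seen.append(control)
        return seen


def build_register(threats):
    """Highest rank first; ties broken by damage, then identifier (an assumption)."""
    return sorted(threats, key=lambda t: (-t.rank, -t.damage, t.ident))


# Constructed component scores; only the resulting ranks come from the deck.
REGISTER = build_register([
    Threat("T1", "Attacker steals authentication credentials",
           ("Information Disclosure", "Spoofing"), 9, 8, 7, 8, 8),
    Threat("T2", "Attacker logs in with brute force", ("Spoofing",), 8, 9, 8, 7, 8),
    Threat("T3", "Attacker launches a denial of service attack",
           ("Denial of Service",), 9, 10, 9, 9, 8),
])

if __name__ == "__main__":
    for threat in REGISTER:
        print(f"{threat.ident} rank={threat.rank:.1f} {threat.title}")
        print("   controls:", ", ".join(threat.controls()))
```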
Mitigation Strategy
1. Do nothing
2. Inform about the risk
3. Mitigate the risk
4. Accept the risk
5. Transfer the risk
6. Terminate the risk
2. Sample Application
Content Translation Memory (TM)
▪ Memory between internal CMSs and external translation agencies
▪ UI for users to update memory
▪ Service layer for CMS applications to send and receive data
▪ FTP file transfer to translation agency
3. Threat Model Of The Application
3.1. Decomposing the Application
External Dependencies

| ID | Description | Protection | Mitigation Strategy |
|---|---|---|---|
| 1 | The application will run on a Linux server running Apache. | The server will be hardened by creating a latest-version strategy | Transfer the risk |
| 2 | The database server will be MySQL | The server will be hardened by creating a latest-version strategy | Transfer the risk |
| 3 | The connection between application and the database | Over a private network | Terminate the risks |
Entry Points

| ID | Name | Description | Trust Level/Role | Mitigation Strategy |
|---|---|---|---|---|
| 1 | User Interface: Login Page, Edit Translation, Edit Transaction, Reports | All pages should be accessible via TLS | Anonymous User, User with valid credentials | Mitigate the risk |
| 2 | Service Layer | All services should be accessible via TLS | Service User with valid API key | Mitigate the risk |
| 3 | FTP connection | Connect to an external FTP server via TLS | User with valid credentials | Mitigate the risk |
Assets

| ID | Name | Description | Trust Level/Role |
|---|---|---|---|
| 1 | Content | Content data | User with valid credentials, Service User with valid API key |
| 2 | User data | usernames, passwords | User with valid credentials |
| 3 | Transaction information | Locale assignment, translation status | User with valid credentials |
3.2. Threat Profile
▪ Brainstorm about threats
▪ Avoid thinking about solutions
▪ Give proper unique for each threat
Threat #1 Attacker steals authentication credentials
Rank: 8
▪ Credentials are cached to insecure locations on the client system
▪ Credentials are sent as GET parameters that may be cached.
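One way to check whether Threat #1's second condition already holds on the Apache server from the external dependencies: scan the access log for secrets in query strings. This is an added example, not part of the original deck; the parameter names, request paths and log entries are constructed.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit

# Parameter names treated as secrets (an assumption; extend for your application).
SENSITIVE_PARAMS = {"password", "passwd", "pwd", "pass", "api_key", "apikey", "token"}

# Request line inside an Apache common/combined log entry: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')


def find_credential_leaks(log_lines):
    """Return one finding per request whose query string carries a secret.

    Secret values are redacted in the finding so that the report does not
    become a second copy of the leaked credentials.
    """
    findings = []
    for lineno, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # malformed or non-request line
        parts = urlsplit(match.group("target"))
        params = parse_qsl(parts.query, keep_blank_values=True)
        leaked = sorted({name for name, _ in params if name.lower() in SENSITIVE_PARAMS})
        if not leaked:
            continue
        redacted = urlencode(
            [(n, "REDACTED" if n.lower() in SENSITIVE_PARAMS else v) for n, v in params]
        )
        findings.append({
            "line": lineno,
            "method": match.group("method"),
            "path": parts.path,
            "params": leaked,
            "redacted_target": f"{parts.path}?{redacted}",
        })
    return findings


# Constructed sample entries in Apache combined log format (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2024:10:01:02 +0000] "GET /login?username=alice&password=S3cret%21 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/Mar/2024:10:01:05 +0000] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:10:02:11 +0000] "GET /service/content?locale=de&API_KEY=abc123 HTTP/1.1" 200 2048 "-" "cms-client/1.0"',
    '192.0.2.10 - - [12/Mar/2024:10:03:00 +0000] "GET /reports?page=2 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_credential_leaks(SAMPLE_LOG):
        print(finding)
```

Any hit means the secret has also been written to the log file itself, and possibly to browser history and proxy caches, so the credential should be rotated as well as moved out of the URL.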
Threat #2 Attacker logs in with brute force
Rank: 8
▪ The Logon page does not properly sanitize input
▪ Functionality accessible only after logging in can be called directly
▪ Credentials are cached locally.
▪ Credentials are present in the form of comments in JavaScript.
▪ Authentication is handled on the client (JavaScript).
▪ Persistent cookies are stored in the browser.
▪ Weak passwords are in use.
Threat #3 An attacker can launch a denial of service attack
Rank: 9
▪ Poorly configured account lockout policy in place.
▪ Absence of CAPTCHA allowing users to fill up a backend database
with useless data via public registration forms.
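Threat #2 and Threat #3 pull in opposite directions: a lockout strict enough to stop guessing can itself be used to deny service. The sketch below, an added example that is not part of the original deck, applies the "throttling" control from the table as a growing delay per (account, source) pair. It assumes the poorly configured policy is a hard lock keyed on the username alone, which the deck does not specify; all names, addresses and thresholds are constructed.

```python
import time


class LoginThrottle:
    """Growing delay per (account, source) pair instead of an account lock."""

    def __init__(self, free_attempts=3, base_delay=2.0, max_delay=900.0,
                 forget_after=3600.0, clock=time.monotonic):
        self.free_attempts = free_attempts
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.forget_after = forget_after
        self.clock = clock
        self._state = {}  # (username, source) -> (failures, blocked_until, last_failure)

    def _load(self, key):
        failures, blocked_until, last_failure = self._state.get(key, (0, 0.0, None))
        if last_failure is not None and self.clock() - last_failure > self.forget_after:
            return 0, 0.0  # quiet for long enough: start counting again
        return failures, blocked_until

    def retry_after(self, username, source):
        """Seconds still to wait; 0.0 means the attempt may be evaluated."""
        _, blocked_until = self._load((username.lower(), source))
        return max(0.0, blocked_until - self.clock())

    def record_failure(self, username, source):
        """Count a failed login and return the delay now imposed on this pair."""
        key = (username.lower(), source)
        failures, _ = self._load(key)
        failures += 1
        delay = 0.0
        if failures > self.free_attempts:
            # 2, 4, 8, ... seconds; the exponent is capped so the power stays small.
            exponent = min(failures - self.free_attempts - 1, 32)
            delay = min(self.max_delay, self.base_delay * 2 ** exponent)
        now = self.clock()
        self._state[key] = (failures, now + delay, now)
        return delay

    def record_success(self, username, source):
        self._state.pop((username.lower(), source), None)

    def purge(self):
        """Drop entries older than forget_after so stale state does not pile up."""
        now = self.clock()
        stale = [k for k, (_, _, last) in self._state.items() if now - last > self.forget_after]
        for key in stale:
            del self._state[key]
        return len(stale)


class FakeClock:
    """Manually advanced clock so the demonstration runs instantly."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


def demo():
    clock = FakeClock()
    throttle = LoginThrottle(clock=clock)
    # Constructed scenario: six bad guesses for "alice" from one address.
    delays = [throttle.record_failure("alice", "203.0.113.5") for _ in range(6)]
    return {
        "delays": delays,
        "guesser_wait": throttle.retry_after("Alice", "203.0.113.5"),
        "owner_wait": throttle.retry_after("alice", "192.0.2.20"),
    }


if __name__ == "__main__":
    print(demo())
```

A per-source key does not slow guessing that is spread over many addresses; pair it with a per-account counter that triggers a step-up check such as the CAPTCHA the slide mentions, rather than a lock.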
5. Resources
▪ https://www.owasp.org/index.php/Application_Threat_Modeling
