A global community where threat modeling practitioners collaborate, share, and grow.
Discover a new AI-powered threat modeling tool developed by one of our community members, Audrey Long, a senior security engineer at Microsoft. Over the past few months, Audrey has developed a suite of AI tools that streamline the process of identifying and analyzing potential threats. The tools use language models to extract the security-relevant information from design and other security-related documents, then call Azure services to produce threat models and recommendations. Combining the two considerably shortens the threat modeling process without sacrificing the thoroughness of the assessment. One of the tool's outputs is an attack tree, which she demonstrated in the Spring Threat Modeling Hackathon; the judges praised it as "the best attack tree ever seen in their decades-long threat modeling careers." Slides: https://4550632.fs1.hubspotusercontent-na1.net/hubfs/4550632/Threat%20Modeling%20Connect/Meetups/Automating%20T
Contents: Keynote: A Holistic Approach to Threat Modeling; Inherent Threats; Threat Modeling and Enterprise Architecture; Threat Modeling and Responsible AI; Developer Engagement; Final Thoughts; About Me

I spent a thought-provoking weekend at the inaugural European Threat Modelling Conference in Lisbon. I always find value in connecting with peers and exploring new perspectives.

Keynote: A Holistic Approach to Threat Modeling

The conference started with a great panel with Isabel Barberá, Irene Michlin, Kim Wuyts and Roos Hubrechtsen. This panel reinforced my belief in a holistic, systems-focused approach to threat modelling, where collaboration is critical. The challenge of scaling threat modelling resonated with me, as organisations of all sizes and maturity levels face it.

[Photo: The panel-style keynote, given by Isabel Barberá, Irene Michlin, Kim Wuyts and Roos Hubrechtsen (left to right).]

Inherent Threats

Adam Shostack's insights on inherent threats, those fundamental risks inherent to a system's design or b
Hello everyone 😃. While reviewing the DFD in threat modeling, I ran into a problem. In some sources, "process" is defined as an exe file or a service (or web service), while in other sources it can be the name of a function. Now, for example, is a "process" a login service, a login page, or a login function? (I've come to the conclusion that it can be any of these; it just depends on the scope and context we're working in. Is that true? 🙄)
That’s a wrap for the first-ever #ThreatModCon in Europe, another fully SOLD-OUT venue following the first ThreatModCon in the U.S. last year. Kudos to our amazing speakers, incredible sponsors, and most importantly, our #ThreatModelingConnect community for joining us for two days of immersive threat modeling discussions! While we appreciate our Zoom meetings, there's something magical about enjoying the Lisbon sunset on a boat trip together, learning, collaborating, problem-solving, and threat modeling alongside leading experts.

Here are some highlights of the event, including a summary of the 10 sessions of the conference broken down by six themes.

Sunset Cruise Reception

Our two-day conference, held on June 28-29 in Lisbon, Portugal, kicked off with a sunset cruise along the Tagus River. The weather could have been better, but it didn't seem to bother us: the atmosphere was super vibrant and the excitement palpable. Meeting each other, some for the first time ever and others for the f
Thanks, team, for the wonderful content. I am coming to you to find out about threat modeling for AI systems. Do we have a template available specifically for performing threat modeling on AI systems?
Hey all, I have not seen any posts nor much out there, but I am sure some people are thinking about this, right? With the right DFD metadata and possibly a Gherkin-like way to describe scenarios, it feels like something could be done. What are the collective thoughts around using AI to help lead threat modeling sessions to scale AppSec teams' efforts? Is there something out there that’s already mildly useful? If I knew what I was doing, that’s probably something I’d start thinking about building :-) Cheers,
Hi all, I have a practical question regarding organizational design: what is the recommended ratio between a threat modelling team’s head count (assume full-time employees) and the developer organization’s head count (possibly including platform teams or other roles involved in DevOps practices)? Similar ratios between AppSec team head count (also doing threat modelling) and the dev org (again broadly speaking) would also be appreciated. Even though I appreciate opinions and personal accounts too, this time I am primarily looking for studies, case studies, recommendations from think tanks, etc. I need this for decision support materials, so it needs to be a referenceable source (not “hearsay”). Thanks in advance! Kr., Daniel
I wanted to share some work by Valery Beretstetsky. (You may know his work in creating medical device templates for the MS TM tool.) In a recent training, he had a great answer to how we deal with diagrams that have “weird” elements in them. For the simple and effective approaches, please take a look at his post: https://shostack.org/blog/diagrams-and-symbols-in-threat-models/
Hello, I need to brainstorm about the security risks and their mitigation. I am building an SSM document on AWS; the runbook performs in-depth analysis of EMR logs using Athena. It requires input parameters such as the EMR cluster ID and the SSM Automation IAM role, and it might require the S3 logs location for the EMR cluster in case it doesn’t exist. It also allows the user to enable/disable log dive on EMR container logs, node logs, or both, using optional parameters for a specific date range or keyword-based searches. The IAM role used assumes the SSM service, but as part of the automation I create a Glue database and place JSON files inside the EMR logs bucket. As the last step of the automation I clean up all resources.
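Two of the mitigations a reviewer would ask for on a runbook like the one above are strict validation of every input parameter (the cluster ID and, above all, the keyword, which ends up inside an Athena query) and an automation role scoped to the logs prefix and the runbook's own Glue database rather than a broad `s3:*`. The Python below is an added example, not code from the post or from AWS: the parameter shapes mirror what one would put in an SSM document's `allowedPattern`, the bucket, prefix, database, account and role names are constructed for illustration, and the policy check is a simple wildcard linter, not a full IAM analyzer.

```python
"""Added example: input validation and a least-privilege policy check for an
SSM Automation runbook that dives into EMR logs with Athena. All names and
patterns below are assumptions for illustration, not values from the post."""
import json
import re
from typing import Dict, List

# Patterns of the kind one would set as `allowedPattern` on each SSM parameter,
# so malformed or attacker-shaped values are rejected before any AWS call runs.
PARAM_PATTERNS = {
    "ClusterId": re.compile(r"^j-[A-Z0-9]{8,20}$"),  # assumed EMR cluster-ID shape
    "AutomationAssumeRole": re.compile(r"^arn:aws:iam::\d{12}:role/[\w+=,.@/-]{1,64}$"),
    "LogsLocation": re.compile(r"^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[^\s]*$"),
    "StartDate": re.compile(r"^\d{4}-\d{2}-\d{2}$"),
    "EndDate": re.compile(r"^\d{4}-\d{2}-\d{2}$"),
    # The keyword is interpolated into an Athena query: no quotes, comment
    # markers or statement separators may get through.
    "Keyword": re.compile(r"^[\w .:/=@-]{0,128}$"),
}
REQUIRED = ("ClusterId", "AutomationAssumeRole")


def validate_params(params: Dict[str, str]) -> List[str]:
    """Return the list of rejected parameters; empty means every input is acceptable."""
    problems = [f"{name}: missing" for name in REQUIRED if name not in params]
    for name, value in params.items():
        pattern = PARAM_PATTERNS.get(name)
        if pattern is None:
            problems.append(f"{name}: unknown parameter")
        elif not pattern.fullmatch(value):
            problems.append(f"{name}: does not match allowed pattern")
    return problems


def build_policy(bucket: str, prefix: str, glue_db: str, account: str, region: str) -> dict:
    """Policy for the automation role limited to what the runbook touches:
    the logs prefix, its own Glue database, and the Athena calls it needs."""
    prefix = prefix.strip("/")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "LogsPrefixOnly", "Effect": "Allow",
             "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
             "Resource": f"arn:aws:s3:::{bucket}/{prefix}/*"},
            {"Sid": "ListLogsPrefix", "Effect": "Allow",
             "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}",
             "Condition": {"StringLike": {"s3:prefix": [f"{prefix}/*"]}}},
            {"Sid": "OwnGlueDatabaseOnly", "Effect": "Allow",
             "Action": ["glue:CreateDatabase", "glue:DeleteDatabase", "glue:GetDatabase",
                        "glue:CreateTable", "glue:DeleteTable", "glue:GetTable", "glue:GetTables"],
             "Resource": [f"arn:aws:glue:{region}:{account}:catalog",
                          f"arn:aws:glue:{region}:{account}:database/{glue_db}",
                          f"arn:aws:glue:{region}:{account}:table/{glue_db}/*"]},
            {"Sid": "AthenaQueries", "Effect": "Allow",
             "Action": ["athena:StartQueryExecution", "athena:GetQueryExecution",
                        "athena:GetQueryResults"],
             "Resource": f"arn:aws:athena:{region}:{account}:workgroup/primary"},
        ],
    }


def find_overbroad(policy: dict) -> List[str]:
    """Flag Allow statements with wildcard actions or that apply to every resource,
    the usual way a 'temporary' automation role ends up able to read or delete
    far more than the runbook needs."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        resources = stmt["Resource"] if isinstance(stmt["Resource"], list) else [stmt["Resource"]]
        sid = stmt.get("Sid", "<no Sid>")
        if any(a == "*" or a.endswith(":*") for a in actions):
            findings.append(f"{sid}: wildcard action {actions}")
        if "*" in resources:
            findings.append(f"{sid}: applies to all resources")
    return findings


if __name__ == "__main__":
    # Constructed sample inputs: one well-formed request and one carrying injection-shaped values.
    good = {"ClusterId": "j-2AXXXXXXGAPLF",
            "AutomationAssumeRole": "arn:aws:iam::123456789012:role/EmrLogDive",
            "LogsLocation": "s3://example-emr-logs/logs/", "Keyword": "OutOfMemoryError"}
    print("good:", validate_params(good))
    print("bad:", validate_params(dict(good, ClusterId="j-1; DROP TABLE", Keyword="x' OR '1'='1")))
    tight = build_policy("example-emr-logs", "logs/", "emr_log_dive", "123456789012", "eu-west-1")
    print(json.dumps(tight, indent=2))
    print("findings:", find_overbroad({"Statement": [
        {"Sid": "TooMuch", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}))
```

The same checks belong in the threat model itself: the keyword pattern closes the Athena injection path, the prefix-scoped S3 statement keeps a compromised or misused run from touching other data in the logs bucket, and the Glue statements make sure the cleanup step can only delete the database the runbook created.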
I’d like to relate a few things I’ve noticed from this year’s Hackathon judging.

Most importantly, had a development team or security champion asked for my feedback on the vast majority of submissions, I’d have been delighted to see such fine work. Which made this year’s judging wickedly difficult. Clearly, our capabilities are progressing significantly.

For one thing, there are far more resources available to help with threats. It’s been a truism for a long time that one of the most difficult things for threat modelling newbies is to climb out of their well-known threat catalog (often quite limited) to consider the broad range of things “that can go wrong”, as @Adam Shostack leads the process. Adam, and really many of us who teach and mentor others, talk about this difficulty repeatedly (and have for years). In fact, that’s why Adam wrote his last book, Threats: it’s hard to be comprehensive. One needs a near-encyclopedic knowledge of threats, while also understanding to which technologi
A free threat modeling automation tool created by IriusRisk
A guideline on the core values and principles of threat modeling
A documentation project focusing on threat modeling techniques