Culture and Organization -> Design: Conduction of advanced threat modeling
Risk and Opportunity
Risk: Inadequate identification of business and technical risks.
Opportunity: Threat modeling is performed by using reviewing user stories and producing security driven data flow diagrams.
Dependencies: Conduction of simple threat modeling on technical level, Creation of threat modeling processes and standards
Example High Maturity Scenario:
Based on a detailed threat model defined and updated through code, the team decides the following:
- Local encrypted caches need to expire and auto-purged.
- Communication channels encrypted and authenticated.
- All secrets persisted in shared secrets store.
- Frontend designed with permissions model integration.
- Permissions matrix defined.
- Input is escaped output is encoded appropriately using well established libraries.
Source: OWASP Project Integration Project
- Whiteboard, Link, Tags: defender threat-modeling collaboration whiteboard
- Miro (or any other collaborative board), Link, Tags: defender threat-modeling collaboration whiteboard
- Draw.io, Link, Tags: defender threat-modeling whiteboard
- Threat Modeling Playbook, Link, Tags: owasp defender threat-modeling whiteboard
- OWASP SAMM, Link, Tags: threat-modeling owasp defender
- Threagile, Link, Tags: threat-modeling
- Threat Matrix for Storage, Link, Tags: documentation storage cluster kubernetes
Usefulness and Requirements of this Activity
Required knowledge: High (two disciplines)
Required time: Medium
Required resources (systems): Low
OWASP SAMM VERSION 2
- not explicitly covered by ISO 27001
- may be part of risk assessment