Centralized Threat Management
In addition to the comprehensive threat library provided, ThreatModeler™ is a framework which can be completely customized. This is your Centralized Threat Management console, titled Library on the ribbon. The following buttons are available under this tab: Centralized Threat Management Threat Library: The user can view all the threats provided by ThreatModeler™ from MITRE’s CAPEC library, WASC Threat Classification, and OWASP, as well as user-defined threats. You can edit a threat by clicking the edit button on the...
Build a Threat Model
The Whiteboard: The Whiteboard is a simple drag-and-drop diagramming interface to build a threat model easily. The user creates a high-level architecture of the application by using various components and interconnecting them with arrows which represent the communication protocol between them. To the left of the screen is the Component Palette. The various icons in the Palette are the components that are applicable to an application. The user can simply drag and drop a component onto the whiteboard from...
Create a New Threat Model with ThreatModeler
Creating a New Threat Model: To create a threat model in ThreatModeler, click on the New button on the Home tab or the ‘+’ button on the Existing Threat Models screen. This will show the ‘Create Threat Model Wizard’ with the following screens: Project Details, Business Requirements. Project Details: At the first screen of the Wizard – Threat Model Details – the user provides general information about the threat model. These include: Project Name – The name of the threat...
Viewing a Threat Model in ThreatModeler
Analyze a Threat Model: The user has the option to view components based on Attack Trees: Attacker-Centric, Asset-Centric, Component (System)-Centric, Data Elements, Specific Threats, User Roles, Business Requirements. Design View: This is the view of the entire threat model and is the default view for the whiteboard. Data View: When you select Data View, a window will pop up with the data elements selected for the application. Select data elements from the list and the threat...
Threat Management
Threat Console: The Threat Console is the focus area for you to carry out threat management. This window displays the list of threats associated with the application. The status of a threat, based on the countermeasures applied, can be changed on this screen. The status of a threat can be: Open – Threat is currently open with no security controls and mitigation steps applied. Mitigated – Secure coding principles have been followed and security testing has validated that threat has...
Getting Started with ThreatModeler
ThreatModeler simplifies the traditional manual process of threat modeling and automates the work to a greater degree. The major advantage of ThreatModeler over the traditional threat modeling process is its usability: little or no security knowledge is required to create threat models. The entire process is more straightforward compared to any other threat modeling tool. ThreatModeler allows users to capture the entire flow of the application and to define certain properties based on which it automatically generates threats and...