Threat Modeling

When securing an application, system or the complete chain, it is important to know from which perspective threats arise and how a system can be attacked. Secura feels that Threat Modeling can be very useful to stay in control of security, while still retaining the flexibility to improve and change.

The big advantage of Secura's threat modeling is that the graphical representation of the (information flows within the) applications / systems can be used to detect and prevent security errors more quickly.

Threat Modeling approach

In a highly interactive session with developers, architects, business owners and other stakeholders in your organisation, we will combine all knowledge and creativity to identify the threats applicable to your IT environment. By combining the knowledge of the people present at the threat modeling session, the Data Flow Diagram (DFD) will be created to be as complete as possible.

Secura uses the STRIDE methodology for threat modeling and likes the simplicity yet effectiveness of raising security awareness during the process.

threat modeling approach by secura

Please refer to our dedicated factsheet to learn more about our Threat Modeling approach, the STRIDE methodology and examples of a Data Flow Diagram and attack tree.

Why you should Threat Model?

Threat Modeling gives a complete picture of the threats and possible attack paths. These attack paths can subsequently be used for instance to create efficient test scenarios, design adjustments or to define additional mitigating measures. Next to the result, the threat modeling workshop is a great way to raise security awareness and collaboration.

This allows you to execute concrete next steps in improving security.

Interested

Would you like to organise a Threat Modeling exercise which will focus on the most critical systems in your organisation?

Request your free quote using this form

Do you have any questions? With nearly two decades of experience and a huge body of knowledge, Secura is in the fortunate position of being one of the few parties who can perform effective design review and threat modeling on virtually all types of systems, from embedded and IoT devices, to ephemeral cloud solutions that could be anywhere in the world. With our in-depth knowledge of state-of-the-art attacks and our hacker mindset the result will enable you to target the weakest spots in any system.

Do not hesitate to contact one of our experts on +31 (0)88 888 31 00  or send an e-mail to info@secura.com, to identify your needs and come up with a solution that seamlessly integrates with your question.

@ Secura 2019
Webdesign Studio HB / webdevelopment Medusa