DEV Community

丁久

Posted on • Originally published at dingjiu1989-hue.github.io

Threat Modeling

This article was originally published on AI Study Room. For the full version with working code examples and related articles, visit the original post.


Why Threat Model?

Threat modeling identifies potential security issues during design, when they are cheapest to fix. It shifts security left and builds protection into architecture.

STRIDE Methodology

Microsoft's STRIDE categorizes threats:

| Category | Definition | Example |
|----------|------------|---------|
| Spoofing | Impersonating someone | Fake login page |
| Tampering | Modifying data | Altering database records |
| Repudiation | Denying actions | Missing audit logs |
| Information Disclosure | Exposing data | SQL injection |
| Denial of Service | Disrupting service | DDoS attack |
| Elevation of Privilege | Gaining unauthorized access | Buffer overflow |

```python
# STRIDE threat analysis
def analyze_with_stride(component, data_flow):
    threats = []

    # Spoofing
    if not component.get("authentication"):
        threats.append({
            "category": "Spoofing",
            "threat": f"Attacker could impersonate {component['name']}",
            "mitigation": "Implement mutual TLS authentication"
        })

    # Tampering
    if not data_flow.get("integrity_check"):
        threats.append({
            "category": "Tampering",
            "threat": f"Data in {data_flow['name']} could be modified",
            "mitigation": "Use message signing or HMAC"
        })

    # Information Disclosure
    if not data_flow.get("encryption"):
        threats.append({
            "category": "Information Disclosure",
            "threat": f"Data in {data_flow['name']} could be intercepted",
            "mitigation": "Encrypt data in transit with TLS"
        })

    return threats
```

DREAD Risk Rating

DREAD helps prioritize threats:

```python
def dread_rating(threat):
    scores = {
        "damage": threat["damage_potential"],          # 1-10
        "reproducibility": threat["reproducibility"],  # 1-10
        "exploitability": threat["exploitability"],    # 1-10
        "affected_users": threat["affected_users"],    # 1-10
        "discoverability": threat["discoverability"]   # 1-10
    }
    total = sum(scores.values())
    # Average the five ratings into a single 1-10 risk score used for ranking
    return total / len(scores)
```
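The two snippets above are only fragments, so here is an added example (not code from the original post) that carries the idea through: one rule per STRIDE category, covering the three categories the snippet above leaves out, and DREAD averaging used to rank every finding over a small constructed system. The control names on each element and the DREAD scores are assumptions made for the example.

```python
# Added example, not the original post's code: STRIDE checks for all six categories
# plus DREAD prioritisation. Control names and DREAD scores are assumed for illustration.
from statistics import mean

# One rule per STRIDE category: (category, required control, threat, mitigation).
STRIDE_RULES = [
    ("Spoofing", "authentication", "Attacker could impersonate {n}", "Mutual TLS authentication"),
    ("Tampering", "integrity_check", "Data in {n} could be modified", "Message signing or HMAC"),
    ("Repudiation", "audit_log", "Actions on {n} cannot be attributed", "Tamper-evident audit logs"),
    ("Information Disclosure", "encryption", "Data in {n} could be intercepted", "TLS in transit"),
    ("Denial of Service", "rate_limit", "{n} could be overwhelmed", "Rate limiting and failover"),
    ("Elevation of Privilege", "least_privilege", "Compromise of {n} grants excess rights",
     "Least privilege and input validation"),
]

def analyze_with_stride(element):
    """Return one threat for each STRIDE control the element lacks."""
    return [{"element": element["name"], "category": cat,
             "threat": threat.format(n=element["name"]), "mitigation": fix}
            for cat, control, threat, fix in STRIDE_RULES if not element.get(control)]

def dread_rating(scores):
    """DREAD risk = mean of the five 1-10 ratings; rejects out-of-range or missing values."""
    if len(scores) != 5 or any(not 1 <= v <= 10 for v in scores.values()):
        raise ValueError("DREAD needs five scores in the range 1-10")
    return round(mean(scores.values()), 1)

def prioritize(elements, score_table):
    """Run STRIDE over each element, rate every threat, return highest risk first."""
    rated = []
    for element in elements:
        for t in analyze_with_stride(element):
            t["dread"] = dread_rating(score_table[t["category"]])
            rated.append(t)
    return sorted(rated, key=lambda t: t["dread"], reverse=True)

# Constructed sample system: a hardened gateway and an internal queue with gaps.
SYSTEM = [
    {"name": "api-gateway", "authentication": True, "integrity_check": True, "audit_log": True,
     "encryption": True, "rate_limit": True, "least_privilege": False},
    {"name": "order-queue", "authentication": False, "integrity_check": False, "audit_log": True,
     "encryption": False, "rate_limit": False, "least_privilege": True},
]
# Constructed per-category DREAD scores (damage, reproducibility, exploitability, affected users, discoverability).
def D(*v): return dict(zip(["damage", "reproducibility", "exploitability", "affected_users", "discoverability"], v))
SCORES = {"Spoofing": D(8, 7, 6, 9, 5), "Tampering": D(7, 6, 5, 8, 4),
          "Information Disclosure": D(9, 8, 7, 9, 6), "Denial of Service": D(6, 9, 8, 9, 8),
          "Elevation of Privilege": D(10, 4, 3, 10, 2), "Repudiation": D(4, 5, 5, 3, 3)}

if __name__ == "__main__":
    for t in prioritize(SYSTEM, SCORES):
        print(f"{t['dread']:>4}  {t['category']:<24} {t['element']:<12} {t['mitigation']}")
```

The ranked output puts the unauthenticated, unencrypted, unthrottled queue at the top, which is the point of DREAD: the fix backlog is ordered by risk rather than by the order in which findings were written down.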


Read the full article on AI Study Room for complete code examples, comparison tables, and related resources.

Found this useful? Check out more developer guides and tool comparisons on AI Study Room.
