practical approach for lightway threat modeling automation
play

Practical Approach For Lightway Threat Modeling Automation Vitaly - PowerPoint PPT Presentation

Jul 25, 2023 •307 likes •659 views

Practical Approach For Lightway Threat Modeling Automation Vitaly Davidoff CISSP , CSSLP Agenda What is Threat Modeling Existing Methodologies Problems in common solution Lightway Threat Modeling As a Code

  1. Practical Approach For “Lightway” Threat Modeling Automation Vitaly Davidoff CISSP , CSSLP

  2. Agenda What is Threat Modeling  Existing Methodologies  Problems in common solution  Lightway Threat Modeling “As a Code”  Risks Based Security Tests Orchestration  CI/CD Overview  Tools  Things to warry about 

  3. $WhoAmI AppSec Domain Lead at Citi Innovation Lab  15 years of experience as a developer  5+ years experience in application security  Martial Arts instructor 

  4. Basic Security Terminology Asset  Threat  Vulnerability  Attack (or Exploit)  Abuse Case  Countermeasure (Security Control)  Risk 

  5. Basic Security Terminology Source: ISO 15408:2005

  6. Secure SDLC Process Source: MicroFocus

  7. What Is Threat Modeling A powerful way to identify potentials threats, visualize risks and  understand the security of the application A starting point to create robust security minded test plans  The most reliable way to:  Understand the security implications of system architecture  Find business-process and system level security risks  Ensure you get the most impact for your security investment 

  8. Existing Methodologies  STRIDE The STRIDE approach to threat modeling was introduced in 1999 at Microsoft, providing a mnemonic for developers to find 'threats to our products'.  PASTA The Process for Attack Simulation and Threat Analysis (PASTA) is a seven-step, risk-centric methodology.  VAST VAST is an acronym for Visual, Agile, and Simple Threat modeling. The underlying principle of this methodology is the necessity of scaling the threat modeling process across the infrastructure and entire SDLC, and integrating it seamlessly into an Agile software development methodology.  Trike The focus of the Trike methodology is using threat models as a risk-management tool. Within this framework, threat models are used to satisfy the security auditing process.

  9. Threat Modeling Process  What are we building? “what are we working on, now, in this sprint/spike/feature?”   What can go wrong?  What are we going to do about that?  Did we do a good enough job?

  10. Data Flow Diagram (DFD)

  11. Process Flow Diagram (PFD)

  12. “Think Like A Hacker!”

  13. STRIDE – Identify Threats

  14. Source: OWASP

  15. Threat Modeling - Benefjts Source: We45

  16. A Note About “Intuitive” Security

  17. A Note About “Intuitive” Security

  18. Threat Modeling And Secure SDLC In simple words, at the early stages of the SDLC: Every time there is a change in the  system’s architecture. After a security incident has occurred or  new vulnerabilities are introduced. As soon as the architecture is ready. 

  19. Threat Modeling - Responsibilities Architects  Security Specialists  Business Analysts  Developers  Security Champions 

  20. Common Problems Manual process, takes a lot of time  Not propagated to Developers (in some cases, design defects opened)  Updated on rare occasions (or not updates at all)  Proceeded by security team (with very little help from R&D)  Not integrated with DevOps model (CI/CD)  Concentrated on Diagrams, not on countermeasures  “Agile and Microservices created a reality where Threat Modeling becomes a bottleneck - heavily resource intensive, requires a full team of expensive security professionals, takes up far too much time, and does not scalable…”

  21. DevOps Automation Fosters speed  Minimize human intervention  Specification based frameworks  Abstract the complexity away from the developer  Make everything as a Code! 

  22. “Lightway” Threat Modeling As A Code CI/CD integration (security tests might be Threat Modeling based)  Collaboration between different roles  Iterative Threat Modeling  Manageable Threat Modeling  Just enough Threat Modeling  28 % Automated Manual Let ~80% of Threat Modeling be automated! 72 % 

  23. Step 1: Pattern* Defjnition (Example) * Stephen De Vries - Threat Modeling With Architectural Risk Patterns - AppSecUSA 2016

  24. Patterns Selection

  25. From The Developer’s Point Of View

  26. Step 2: Threat Modeling YAML File Source: ThreatPlaybook

  27. Step 3: Risk Based Security Test Orchestration TM code Reporting Generation and Metrics • Questionnaire • Run Security Pipeline • Patterns • Tests list adopted to • Generate Yaml files • Save reports • Integrate with TM concreate feature • Insert into Source • Calculate Security Management tool repository Coverage level • Test cases definitions • Security controls list Security Survey Tests

  28. YAML  Deploy stage will run  Approval Gate will check parallel Security Test Security Test coverage and pipeline (Asynchronies) automatically approve push to production if security criteria achieved

  29. Step 4: CI/CD Integration (Example) Process will be triggered by “Security Test” step as part of Build stage   Pull Threat Modeling process from Git (If not exists – process will be stopped! As a Gate)  Run Security test pipeline (as parallel to functional pipeline) During any “final” stage (post-functional tests)   Validate if security tests flow finished  Check security coverage (As a Gate)  If vulnerabilities found – open tickets inside defect management system (Jira) During release approve stage   Automatically approve! If has a good coverage and suitable vulnerabilities score  Manual approve only need if security thresholds violated

  30. Coverage Review Coverage calculated by automation tool  Ticket should be opened automatically with all context needed  Report contains all tests and findings in relation to Threat Modeling  use cases CWE TM FISMA PCI HIPPA NIAP OWASP GDPR FFIEC

  31. Main Points (Summary) Based on OWASP ASVS v2 or other standards  Part of feature onboarding  Generic Threats Responsibility moved to R&D  Integrated part of CI/CD flow  Managed by security specialists  JSON HTTP Threats Threats Template based approach!  SOAP REST GraphQL Threats Threats Threats

  32. Thinks To Warry About Scope – Feature/User story  No single framework exists  No Threat Modeling orchestration specification  Evaluation plan (synchronies vs asynchronies)  Integrate manual Threat Modeling process be part of orchestration 

  33. Toolset (Example)  ChatOps Slak – Uses as semi-automated check list questioner  ThreatPlaybook – Automation for Threat Modeling process and documents  ThreatModeler – Threats generation based on DFD’s  Jenkins – CI/CD pipeline or Security Pipeline  Robot – Security Pipeline  BDD – Security Test (behavior driven)  Jira – Features and Defects Management system  IriusRisk – Management framework and Threat Modeling automation  Orchestron – Management Tool  Security Compass – Management Tool  ZeroNorth – tests orchestrator and reports management system

  34. Thank You! vitaly.davidoff@citi.com LinkedIn: https://www.linkedin.com/in/vitaly-davidoff-07039a1

Recommend

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect Multi-phase approach Initially: create Cyber Domain PIM and S TIX PS M with UML Profile for NIEM Expand to other PS M, create Threat Meta

211 views • 10 slides
Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Threat Modeling: Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A simple approach to threat modeling Top 10 lessons Learning more What is threat modeling? A SIMPLE APPROACH TO THREAT

606 views • 41 slides
Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los Chief Security Evangelist HP Software Shane MacDougall Principal Tactical Intelligence Modern threat modeling is a defensive response to

783 views • 52 slides
Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling

Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling

Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling Development of Secure Software Systems Threat modeling: printer manager Day 7: More Threat Modeling Stephen McCamant Logistics update, incl.

564 views • 4 slides
AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS

AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS

AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS THREAT MODELING Introduction WHAT IS THREAT MODELING Structured Process Examination of a system for potential weaknesses

391 views • 28 slides
Lightway tubular skylights Lightway tubular skylights install lation & performance ation

Lightway tubular skylights Lightway tubular skylights install lation & performance ation

Project: Lightway tubular skylights Lightway tubular skylights install lation & performance ation & performance instal Tubular skylight Tubular skylight You have decided to use light tubes in your building? ? You have decided to

750 views • 32 slides
Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the

Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the

Bankability of Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the importance of having a dependable, reliable supplier for your long term investment Lightway Solar America, Inc. August 31, 2012

655 views • 36 slides
Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach Israel Herraiz <isra@herraiz.org> <israel.herraiz@upm.es> KeyID FE0A7AF3 Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF3

996 views • 43 slides
Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack

Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack

01.11.2017 Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack NFV PRAKASH RAMCHANDRAN MICHAEL TIEN JAYANTHI A GOKHALE Agenda NFV Automation Challenges? Practical Viewpoint from Dell Labs?

1.04k views • 41 slides
Introduction to UML A Practical Approach to Product Development Description This seminar is

Introduction to UML A Practical Approach to Product Development Description This seminar is

Introduction to UML A Practical Approach to Product Development Description This seminar is designed to help you get started using the Unified Modeling Language (UML) as a visual design tool using a development process. A simple case

1.14k views • 67 slides
Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen

LinuxDay/Cagliari 2005: Practical Office Automation Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen <sparre@crs4.it> Questions are welcome at any time during the talk. p. 1

435 views • 17 slides
Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical

Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical

Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical guide to evaluating transport projects Jane Romero Cli Climate Change Group Ch G IGES Outline Out e o Overview o Why quantify co-benefits?

345 views • 15 slides
1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

Industrial Automation Spring 2019, EPFL 1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures aiming at replacing human work through machines (e.g. automation is applied science) 2) the

1.39k views • 63 slides
Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen sparre@crs4.it LinuxDay/Cagliari 2005: Practical Office Automation http://edb.jacob-sparre.dk/foredrag/OOo/ p. 1 Ouverture Subject: This talk is

310 views • 17 slides
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1

Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1

Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1 UNIVERSITEIT LEUVEN Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsofts Threat

784 views • 39 slides
28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two

28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two

28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two Systems Abstract Number: SD13015 This topic is a case study demonstrating how visual modeling using UML (Unified Modeling Language) is applied in

740 views • 16 slides
CS 642: Midterm 1 Review Questions and General Study Pointers March 2020 1 Threat Modeling,

CS 642: Midterm 1 Review Questions and General Study Pointers March 2020 1 Threat Modeling,

CS 642: Midterm 1 Review Questions and General Study Pointers March 2020 1 Threat Modeling, Security Mindset Review the security mindset, and practice threat modeling on a few example websites. Also, review the various types of attacker models

401 views • 3 slides
Practical Computerized Home Automation B RUCE M OMJIAN , E NTERPRISE DB July, 2009 Abstract Home

Practical Computerized Home Automation B RUCE M OMJIAN , E NTERPRISE DB July, 2009 Abstract Home

Practical Computerized Home Automation B RUCE M OMJIAN , E NTERPRISE DB July, 2009 Abstract Home automation is computer control of home devices, typically electrical. Using inexpensive hardware and open source software, it is possible to

556 views • 39 slides
CSCE 790 Computer Systems Security Threat Modeling Professor Qiang Zeng Spring 2020

CSCE 790 Computer Systems Security Threat Modeling Professor Qiang Zeng Spring 2020

CSCE 790 Computer Systems Security Threat Modeling Professor Qiang Zeng Spring 2020 Previous Class The CIA Triad as security objectives Threat: potential Attack: attempt Compromise: success Vulnerability: security

660 views • 29 slides
Threat Modeling against Payment systems Dr. Grigorios Fragkos H e a d o f O fg e n s i v e C y b

Threat Modeling against Payment systems Dr. Grigorios Fragkos H e a d o f O fg e n s i v e C y b

Threat Modeling against Payment systems Dr. Grigorios Fragkos H e a d o f O fg e n s i v e C y b e r S e c u r i t y a t i n v i n s e c (@invinsec) @drgfragkos Agenda T h r e a t M o d e l i n g H i g h l i g h t s Point of Sale (#POS)

680 views • 54 slides
Our Approach P rovides a practical, innovative approach for the restoration, preservation and

Our Approach P rovides a practical, innovative approach for the restoration, preservation and

Our Approach P rovides a practical, innovative approach for the restoration, preservation and maintenance of reinforced concrete structures, steel rust inhibitors and asphalt rejuvenator solutions.. Through the use of proprietary technology

720 views • 61 slides
Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling

Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling

Implementing Consequence-Driven Cybersecurity with Continuous ICS Monitoring & Threat Modeling Phil Neray, VP of Industrial Cybersecurity Agenda NotPetya: How a Single Piece of Code Crashed the World (Wired) VPNFilter Update

610 views • 24 slides
Life-Cycle Assessment (LCA) as a well-acknowledged approach for Sustainable Development (SD) of

Life-Cycle Assessment (LCA) as a well-acknowledged approach for Sustainable Development (SD) of

Practical experiences with multi-level modeling using FMML x : A hierarchy of domain-specific modeling languages in support of life-cycle assessment Monika Kaczmarek-He 1 Mario Nolte 1 Andreas Fritsch 2 Stefanie Betz 3 5 th International Workshop

696 views • 32 slides
Assessment What is Threat Assessment Threat assessment is the process of gathering

Assessment What is Threat Assessment Threat assessment is the process of gathering

Threat Assessment What is Threat Assessment Threat assessment is the process of gathering information to understand the threat of violence posed by a person. Threat management is the process of developing and executing plans to mitigate

332 views • 15 slides

More recommend