DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Modernize your data layer. Learn how to design cloud-native database architectures to meet the evolving demands of AI and GenAI workkloads.

Secure your stack and shape the future! Help dev teams across the globe navigate their software supply chain security challenges.

Releasing software shouldn't be stressful or risky. Learn how to leverage progressive delivery techniques to ensure safer deployments.

Avoid machine learning mistakes and boost model performance! Discover key ML patterns, anti-patterns, data strategies, and more.

Related

  • Zero to Hero on Kubernetes With Devtron
  • 4 Essential Strategies for Enhancing Your Application Security Posture
  • Dynatrace Perform: Day Two
  • 5 Trends That Will Shape Application Security in 2023

Trending

  • The Modern Data Stack Is Overrated — Here’s What Works
  • Unlocking AI Coding Assistants Part 2: Generating Code
  • Java’s Next Act: Native Speed for a Cloud-Native World
  • A Guide to Developing Large Language Models Part 1: Pretraining
  1. DZone
  2. Testing, Deployment, and Maintenance
  3. Deployment
  4. Threat Modelling Tools Analysis 101

Threat Modelling Tools Analysis 101

Key DevSecOps solutions available and their benefits and pitfalls through a series of evaluating different tools for Technical Architects and Engineering Teams.

By 
Deeptesh Bhattacharya user avatar
Deeptesh Bhattacharya
·
Jun. 12, 20 · Analysis
Likes (1)
Comment
Save
Tweet
Share
9.4K Views

Join the DZone community and get the full member experience.

Join For Free

Abstract

An interconnected world with an increasing number of systems, products and services relying on the availability, confidentiality, and integrity of sensitive information is vulnerable to attacks and incidents. Unfortunately, the threat landscape expands and new threats, threat agents and attack vectors emerge at all times. Defending against these threats requires that organizations are aware of such threats and threat agents. Threat modeling can be used as part of security risk analysis to systematically iterate over possible threat scenarios.

The motivation for this research came from the constantly growing need to acquire better tools to tackle the broad and expanding threat landscape. One such tool which help to categorize and systematically evaluate the security of a system, product or service, is threat modeling.

Problems With Shifting Left in Designing Secure Applications

It is believed that secure systems are a corollary indicator of high-quality systems and hence it adds value to catch these defects early in the system design and development stages. However, every Engineering team and Technical Architect is always trying to find a solution to implement threat modelling into their existing DevOps Ecosystem.

The key challenge is finding ways to adopt a security framework for designing robust enterprise applications, as it is becoming difficult to stay updated with ever changing attack surfaces and threat and vulnerabilities.

Available Solutions, Benefits, Pitfalls, and Recommendations

As a DevSecOps practitioner and Security Architect I will like to share some of the key solutions available and their benefits and pitfalls through this series of evaluating different tools. I used hands on assessments and used a parameterized technical analysis and rating system for this evaluation using business cases from the emerging techs and industries.

The key factors considered into this analysis is given in the table below. I tried to conduct and in-depth analysis and recommendation and find that it is going to be useful for teams who are planning or in the process of shifting left in their organizations or projects towards DevSecOps. The Key Audience for this report is Developers, Technical Architects, Business Analysts, IT and Operations Teams of different experience levels.

Parameters

Score 3

Score 2

Score 1

Learning Curve and time to create a model

If the learning curve is small and time to create a model is less than an hour it is user friendly for majority of target audience.

If is learning curve is medium and time to create a model is more than 1 Hr. but less than 3 Hrs. and it can be used by 30-40% of target audience.

If it is difficult to learn and time to create a model is exponentially large use by the target audience.

Ease of creating Threat Model (UX)

If the user experience is high and it is easy to create and understand the threat models created by other team

If the UX is okay, but different teams are able to understand the design created by other team.

If created by someone but the threat model is difficult to understand

Provision for pre-built templates

If many templates are available

If a few templates are available

If no templates are available

No. of Threat Modelling Frameworks Supported

More than 3 Frameworks

1 0r 2 Two frameworks

No Framework support

Design View

Availability of stencils and option to add stencils or upgrade stencils

Availability of stencils but no option or difficult to customize

Standard Stencil

Available Documentation

Available and continuously updated documentation

Available documentation but hard to follow through

Zero Documentation or basic documentation.

Analysis View

Thorough Analysis with remediation.

Analysis only with no suggested remediation

No Analysis only Design

Regular Updates

Continuous and Frequent Updates

Regular or Periodic updates but large intervals

No Updates since in last 6 months

Cost

Open Source/ Pay-Per-Use/ User based Licensing

Open Source/User Licensing/Paid (other model)

Paid

Integration in CI/CD Pipeline

Possible and plugins

available

Possible but hard to integrate

Not Possible

Microsoft Threat Modelling Tool 2017 

We started off from evaluating the two common and most easily available Threat Modelling Tool. In this series I am presenting my opinion on MSMT 2017. I tried to develop and execute a threat model for an IoT Data Flow to study the usability to identify the Threats, Vulnerabilities and Remediation proposed by these tools below.

IOT Use Case

IoT Use Case

I tried to create the data flow using Microsoft Threat Modelling Tool and below is my personal finding and opinion on the benefits and pitfalls of using the tool.

Microsoft uses Microsoft Security Development Life Cycle (SDL) to identify threats, attacks, vulnerabilities, and countermeasures that could affect your application. The Microsoft Threat Modelling Tool (MTMT) provides a standard notation for visualizing system components, data flows, and security boundaries.

The tool provides a design view to add models. You can use the canvas space to drag and drop elements from the sidebar. Drag and drop is the quickest way to build models. However, I found certain challenges in designing the model in Design View.

I was able to create a similar data flow diagram but I also wanted to create flow boundaries. The stencil allowed me to add the same however, I was not able to easily modify the size or expand the boundary. This can lead to leaving more vulnerabilities in the application when we move forward to the analysis view. There are not a lot of stencils available in default download. However, you can add more templates from GitHub specifically targeted for Azure environments.

https://github.com/AzureArchitecture/threat-model-templates


framework

When I further moved into the analysis view, we found the following analysis based on STRIDE Framework which is configured within the application and is one of the popular Threat Modeling Frameworks.

In order to add new framework, the tool provides a create your own stencils and templates.

templates

A detailed view of the Threats identified by the tool and the elements involved. You can click to see the details in the property box below the table.

diagram list

It also provides the mitigation guidance and the SDL phase Impacted with the Threat along with its severity.

analysis

I found the following outcome from my analysis of using the tool.

Key Benefits

  1. Drawing a Diagram Quickly – The drag and drop elements provides a quick way to add elements to the data model.
  2. STRIDE per Element: Guided analysis of threats and mitigations
  3. Reporting: Security activities and testing in the verification phase
  4. Marking Out of Scope: The ability to mark certain elements out of scope adds value for incremental threat analysis or when different teams are involved in Threat Modelling. Teams can choose their area of scope.

Pitfalls

  1. No integration with CI/CD Pipeline.
  2. Boundary Definitions did not work properly which can create more issues to look at than the actual to mitigate.
  3. Usability of the available stencils as they were primarily designed for DFD’s.
  4. The graphical representation does not have many customizations for presentation to different audience.

Here is my final Scoring for the Microsoft Threat Modeling tool.

Parameters

Highly Rated

Good To Use

No Value Add

Learning Curve

Yes



Ease of creating Threat Model (UX)

Yes



Provision for pre-built templates


Yes


No. of Threat Modelling Frameworks Supported


Yes


Design View


Yes


Available Documentation


Yes


Analysis View


Yes


Regular Updates




Cost




Integration in CI/CD Pipeline




My conclusion, to begin with, and gaining experience in Threat Modelling this is a good tool to use to initially capture some definite security requirements which can be added to your PBI’s and can be taken care of during the sprints.

We continue to focus and strive to build solutions for the most critical development and operations for the product and engineering teams and will continue to bring you across the next 101 on OWASP Threat Modelling Tool.

security teams Framework application Design Template Continuous Integration/Deployment Element Documentation

Opinions expressed by DZone contributors are their own.

Related

  • Zero to Hero on Kubernetes With Devtron
  • 4 Essential Strategies for Enhancing Your Application Security Posture
  • Dynatrace Perform: Day Two
  • 5 Trends That Will Shape Application Security in 2023

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!