OWASP Developer Guide

Threat Modeling Toolkit

4.1.6 Threat Modeling toolkit

There is no one technique or tool that fits every threat modeling process. The process can be tactical or architectural, subjective or automated, attack tree or data flow diagram, all are perfectly valid for different organizations, teams and situations.

The OWASP Threat Modeling toolkit presentation at OWASP AppSec California 2018 gives a good overview of the range of concepts and techniques that can be regarded as threat modeling.

Advice on Threat Modeling

In addition to the Threat Modeling toolkit there are OWASP community pages on Threat Modeling and the OWASP Threat Modeling Project, both of which provide context and overviews of threat modeling - in particular Shostack’s Four Question Framework.

Threat Modeling step by step

The Threat Modeling Process suggests steps that should be taken when threat modeling:

  1. Decompose the Application
  2. Determine and Rank Threats
  3. Determine Countermeasures and Mitigation

and goes into detail on each concept :

  • External Dependencies
  • Entry Points
  • Exit Points
  • Assets
  • Trust Levels
  • Threat Categorization
  • Threat Analysis
  • Ranking of Threats
  • Remediation for threats / vulnerabilities

The OWASP Threat Modeling Playbook (OTMP) is an OWASP Incubator project that describes how to create and nurture a good threat modeling culture within the organisation itself.

Cheat Sheets for Threat Modeling

The OWASP series of Cheat Sheets is a primary source of advice and techniques on all things security, with the OWASP Threat Modeling Cheat Sheet and OWASP Attack Surface Analysis Cheat Sheet providing practical suggestions along with explanations of both the terminology and the concepts involved.

The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.