practical approach for lightway threat modeling automation
play

Practical Approach For Lightway Threat Modeling Automation Vitaly - PowerPoint PPT Presentation

Jul 25, 2023 •307 likes •659 views

Practical Approach For Lightway Threat Modeling Automation Vitaly Davidoff CISSP , CSSLP Agenda What is Threat Modeling Existing Methodologies Problems in common solution Lightway Threat Modeling As a Code

  1. Practical Approach For “Lightway” Threat Modeling Automation Vitaly Davidoff CISSP , CSSLP

  2. Agenda What is Threat Modeling  Existing Methodologies  Problems in common solution  Lightway Threat Modeling “As a Code”  Risks Based Security Tests Orchestration  CI/CD Overview  Tools  Things to warry about 

  3. $WhoAmI AppSec Domain Lead at Citi Innovation Lab  15 years of experience as a developer  5+ years experience in application security  Martial Arts instructor 

  4. Basic Security Terminology Asset  Threat  Vulnerability  Attack (or Exploit)  Abuse Case  Countermeasure (Security Control)  Risk 

  5. Basic Security Terminology Source: ISO 15408:2005

  6. Secure SDLC Process Source: MicroFocus

  7. What Is Threat Modeling A powerful way to identify potentials threats, visualize risks and  understand the security of the application A starting point to create robust security minded test plans  The most reliable way to:  Understand the security implications of system architecture  Find business-process and system level security risks  Ensure you get the most impact for your security investment 

  8. Existing Methodologies  STRIDE The STRIDE approach to threat modeling was introduced in 1999 at Microsoft, providing a mnemonic for developers to find 'threats to our products'.  PASTA The Process for Attack Simulation and Threat Analysis (PASTA) is a seven-step, risk-centric methodology.  VAST VAST is an acronym for Visual, Agile, and Simple Threat modeling. The underlying principle of this methodology is the necessity of scaling the threat modeling process across the infrastructure and entire SDLC, and integrating it seamlessly into an Agile software development methodology.  Trike The focus of the Trike methodology is using threat models as a risk-management tool. Within this framework, threat models are used to satisfy the security auditing process.

  9. Threat Modeling Process  What are we building? “what are we working on, now, in this sprint/spike/feature?”   What can go wrong?  What are we going to do about that?  Did we do a good enough job?

  10. Data Flow Diagram (DFD)

  11. Process Flow Diagram (PFD)

  12. “Think Like A Hacker!”

  13. STRIDE – Identify Threats

  14. Source: OWASP

  15. Threat Modeling - Benefjts Source: We45

  16. A Note About “Intuitive” Security

  17. A Note About “Intuitive” Security

  18. Threat Modeling And Secure SDLC In simple words, at the early stages of the SDLC: Every time there is a change in the  system’s architecture. After a security incident has occurred or  new vulnerabilities are introduced. As soon as the architecture is ready. 

  19. Threat Modeling - Responsibilities Architects  Security Specialists  Business Analysts  Developers  Security Champions 

  20. Common Problems Manual process, takes a lot of time  Not propagated to Developers (in some cases, design defects opened)  Updated on rare occasions (or not updates at all)  Proceeded by security team (with very little help from R&D)  Not integrated with DevOps model (CI/CD)  Concentrated on Diagrams, not on countermeasures  “Agile and Microservices created a reality where Threat Modeling becomes a bottleneck - heavily resource intensive, requires a full team of expensive security professionals, takes up far too much time, and does not scalable…”

  21. DevOps Automation Fosters speed  Minimize human intervention  Specification based frameworks  Abstract the complexity away from the developer  Make everything as a Code! 

  22. “Lightway” Threat Modeling As A Code CI/CD integration (security tests might be Threat Modeling based)  Collaboration between different roles  Iterative Threat Modeling  Manageable Threat Modeling  Just enough Threat Modeling  28 % Automated Manual Let ~80% of Threat Modeling be automated! 72 % 

  23. Step 1: Pattern* Defjnition (Example) * Stephen De Vries - Threat Modeling With Architectural Risk Patterns - AppSecUSA 2016

  24. Patterns Selection

  25. From The Developer’s Point Of View

  26. Step 2: Threat Modeling YAML File Source: ThreatPlaybook

  27. Step 3: Risk Based Security Test Orchestration TM code Reporting Generation and Metrics • Questionnaire • Run Security Pipeline • Patterns • Tests list adopted to • Generate Yaml files • Save reports • Integrate with TM concreate feature • Insert into Source • Calculate Security Management tool repository Coverage level • Test cases definitions • Security controls list Security Survey Tests

  28. YAML  Deploy stage will run  Approval Gate will check parallel Security Test Security Test coverage and pipeline (Asynchronies) automatically approve push to production if security criteria achieved

  29. Step 4: CI/CD Integration (Example) Process will be triggered by “Security Test” step as part of Build stage   Pull Threat Modeling process from Git (If not exists – process will be stopped! As a Gate)  Run Security test pipeline (as parallel to functional pipeline) During any “final” stage (post-functional tests)   Validate if security tests flow finished  Check security coverage (As a Gate)  If vulnerabilities found – open tickets inside defect management system (Jira) During release approve stage   Automatically approve! If has a good coverage and suitable vulnerabilities score  Manual approve only need if security thresholds violated

  30. Coverage Review Coverage calculated by automation tool  Ticket should be opened automatically with all context needed  Report contains all tests and findings in relation to Threat Modeling  use cases CWE TM FISMA PCI HIPPA NIAP OWASP GDPR FFIEC

  31. Main Points (Summary) Based on OWASP ASVS v2 or other standards  Part of feature onboarding  Generic Threats Responsibility moved to R&D  Integrated part of CI/CD flow  Managed by security specialists  JSON HTTP Threats Threats Template based approach!  SOAP REST GraphQL Threats Threats Threats

  32. Thinks To Warry About Scope – Feature/User story  No single framework exists  No Threat Modeling orchestration specification  Evaluation plan (synchronies vs asynchronies)  Integrate manual Threat Modeling process be part of orchestration 

  33. Toolset (Example)  ChatOps Slak – Uses as semi-automated check list questioner  ThreatPlaybook – Automation for Threat Modeling process and documents  ThreatModeler – Threats generation based on DFD’s  Jenkins – CI/CD pipeline or Security Pipeline  Robot – Security Pipeline  BDD – Security Test (behavior driven)  Jira – Features and Defects Management system  IriusRisk – Management framework and Threat Modeling automation  Orchestron – Management Tool  Security Compass – Management Tool  ZeroNorth – tests orchestrator and reports management system

  34. Thank You! vitaly.davidoff@citi.com LinkedIn: https://www.linkedin.com/in/vitaly-davidoff-07039a1

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect

Threat Modeling and S haring S ummary Proposal to kick off Threat Modeling proj ect Multi-phase approach Initially: create Cyber Domain PIM and S TIX PS M with UML Profile for NIEM Expand to other PS M, create Threat Meta

211 views • 10 slides
Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A

Threat Modeling: Lessons from Star Wars Adam Shostack @adamshostack Agenda What is threat modeling? A simple approach to threat modeling Top 10 lessons Learning more What is threat modeling? A SIMPLE APPROACH TO THREAT

606 views • 41 slides
Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los

Offensive Threat Modeling for Attackers turning threat modeling on its head Rafal M. Los Chief Security Evangelist HP Software Shane MacDougall Principal Tactical Intelligence Modern threat modeling is a defensive response to

783 views • 52 slides
Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling

Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling

Outline Starting synchronous lecture recording CSci 4271W More perspectives on threat modeling Development of Secure Software Systems Threat modeling: printer manager Day 7: More Threat Modeling Stephen McCamant Logistics update, incl.

564 views • 4 slides
AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS

AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS

AN INTRODUCTION TO THREAT MODELING IN PRACTICE Thorsten Tarrach, Christoph Schmittner WHAT IS THREAT MODELING Introduction WHAT IS THREAT MODELING Structured Process Examination of a system for potential weaknesses

391 views • 28 slides
Lightway tubular skylights Lightway tubular skylights install lation & performance ation

Lightway tubular skylights Lightway tubular skylights install lation & performance ation

Project: Lightway tubular skylights Lightway tubular skylights install lation & performance ation & performance instal Tubular skylight Tubular skylight You have decided to use light tubes in your building? ? You have decided to

750 views • 32 slides
Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the

Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the

Bankability of Lightway Solar America In a solar market reliant on 3 rd party financing, we recognize the importance of having a dependable, reliable supplier for your long term investment Lightway Solar America, Inc. August 31, 2012

655 views • 36 slides
Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach

Public key cryptography: a practical Public key cryptography: a practical approach approach Israel Herraiz <isra@herraiz.org> <israel.herraiz@upm.es> KeyID FE0A7AF3 Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF3

996 views • 43 slides
Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack

Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack

01.11.2017 Automation + Machine Learning = Hands Free NFV A Word On Automation through ML for Openstack NFV PRAKASH RAMCHANDRAN MICHAEL TIEN JAYANTHI A GOKHALE Agenda NFV Automation Challenges? Practical Viewpoint from Dell Labs?

1.04k views • 41 slides
Introduction to UML A Practical Approach to Product Development Description This seminar is

Introduction to UML A Practical Approach to Product Development Description This seminar is

Introduction to UML A Practical Approach to Product Development Description This seminar is designed to help you get started using the Unified Modeling Language (UML) as a visual design tool using a development process. A simple case

1.14k views • 67 slides
Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen

LinuxDay/Cagliari 2005: Practical Office Automation Practical Office Automation or How to Hack the OpenOffice.org File Format Jacob Sparre Andersen <sparre@crs4.it> Questions are welcome at any time during the talk. p. 1

435 views • 17 slides
Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical

Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical

Mainstreaming transport co- benefits approach: a practical guide benefits approach: a practical guide to evaluating transport projects Jane Romero Cli Climate Change Group Ch G IGES Outline Out e o Overview o Why quantify co-benefits?

345 views • 15 slides
1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

Industrial Automation Spring 2019, EPFL 1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures aiming at replacing human work through machines (e.g. automation is applied science) 2) the

1.39k views • 63 slides
Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen

Practical Office Automation Hacking the OpenOffice.org File Format Jacob Sparre Andersen sparre@crs4.it LinuxDay/Cagliari 2005: Practical Office Automation http://edb.jacob-sparre.dk/foredrag/OOo/ p. 1 Ouverture Subject: This talk is

310 views • 17 slides
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1

Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1

Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE Secappdev 2007 1 UNIVERSITEIT LEUVEN Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsofts Threat

784 views • 39 slides
28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two

28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two

28/10/13 Title: Using Executable Visual Modeling in a Practical Application of Integrating Two Systems Abstract Number: SD13015 This topic is a case study demonstrating how visual modeling using UML (Unified Modeling Language) is applied in

740 views • 16 slides
SE 1: Software Requirements Specification and Analysis Lecture 4: Basic Notations Nancy Day,

SE 1: Software Requirements Specification and Analysis Lecture 4: Basic Notations Nancy Day,

SE 1: Software Requirements Specification and Analysis Lecture 4: Basic Notations Nancy Day, Davor Svetinovi c http://www.student.cs.uwaterloo.ca/cs445/Winter2006 uw.cs.cs445 U Waterloo SE1 (Winter 2006) p.1/38 Announcements Send

618 views • 38 slides
And now for something completely different CFG utility beyond compilers 1 An RNA Structure An

And now for something completely different CFG utility beyond compilers 1 An RNA Structure An

And now for something completely different CFG utility beyond compilers 1 An RNA Structure An RNA Sensor & On/Off Switch L19 absent: Gene On L19 present: Gene Off mRNA leader An RNA Grammar S LS | L L s | dFd F

438 views • 5 slides
Chapter 6 Chapter 6 System Models Learning Objective Abstract presentations of systems whose

Chapter 6 Chapter 6 System Models Learning Objective Abstract presentations of systems whose

Chapter 6 Chapter 6 System Models Learning Objective Abstract presentations of systems whose requirements are being analyzed Frederick T Sheldon Assistant Professor of Computer Science Washington State University CS 422 Software Engineering

408 views • 11 slides
1 2 Analysis Modeling Review Chapters 12 3 Analysis Modeling A Picture is worth a

1 2 Analysis Modeling Review Chapters 12 3 Analysis Modeling A Picture is worth a

1 2 Analysis Modeling Review Chapters 12 3 Analysis Modeling A Picture is worth a 1000 Words!!! Helps better understand the requirements Data Function and Behavior Analysis modeling helps validate the

1.33k views • 88 slides
Mapping Data Flow Models to the Palladio Component Model Stephan Seifermann, Dominik Werle, Mazen

Mapping Data Flow Models to the Palladio Component Model Stephan Seifermann, Dominik Werle, Mazen

Mapping Data Flow Models to the Palladio Component Model Stephan Seifermann, Dominik Werle, Mazen Ebada 06.11.2019 - Symposium on Software Performance 2019, Wrzburg SOFTWARE DESIGN AND QUALITY GROUP, INSTITUTE FOR PROGRAM STRUCTURES AND DATA

524 views • 26 slides
The CLIC Linear Collider The CLIC Linear Collider Hans H. Braun / CERN Hans H. Braun / CERN

The CLIC Linear Collider The CLIC Linear Collider Hans H. Braun / CERN Hans H. Braun / CERN

The CLIC Linear Collider The CLIC Linear Collider Hans H. Braun / CERN Hans H. Braun / CERN Introduction CLIC & CTF3 Introduction CLIC & CTF3 CTF3 status and achievements CTF3 status and achievements RF Structure

861 views • 49 slides
MTA Beam for ITA J.A. Johnstone ITA Meeting 25 Jan 2018 Overview Extraction from Linac

MTA Beam for ITA J.A. Johnstone ITA Meeting 25 Jan 2018 Overview Extraction from Linac

MTA Beam for ITA J.A. Johnstone ITA Meeting 25 Jan 2018 Overview Extraction from Linac Entire 400-MeV Linac pulse must be cleanly extracted Pulse length/intensity can be controlled with 750-keV Linac chopper from 8 77 sec

476 views • 22 slides
33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter

33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter

33:010:458 33:010:458 Accounting Information Accounting Information Systems Systems Dr. Peter R. Gillett Associate Professor Department of Accounting, Business Ethics and Information Systems Rutgers Business SchoolNewark and New

436 views • 43 slides

More recommend