Pushing Left, Like a Boss - Part 6: Threat Modelling
This series, and my blog, has moved! Check it out!
The last security-related part of the Design Phase of the System Development Life Cycle (SDLC) is threat modelling, affectionately known as “evil brainstorming”.
This article is part of a series, and the previous article was Part 5.14 Secure Coding Summary.
The purpose of threat modelling is to discuss the possible threats to your system, then to do your best to mitigate them, and, where you cannot, to manage or accept the risks. There are multiple formalized methods for doing this, which I will not discuss here; each one already has its own book, advocate or dedicated blog, likely doing a better job detailing it than I ever could. In fact, Microsoft (my employer) basically invented threat modelling, and you can read much more about it here.
That said, dear reader, I want you to understand why threat modelling is important, who needs to do it, as well as when and how you can start.
In order to create a threat model, a representative from each project stakeholder group needs to be present. This means someone from the business, someone representing the customer, a security rep, and someone from the development team. Yes, someone from the tech team needs to be there; they often have the most frightening threat ideas.