Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy
Experiencing a breach? Get emergency incident response assistance.

Overview

Better decision-making for a more streamlined software development lifecycle

Threat modelling plays a vital role in identifying attack surfaces and entry points in the critical early stages of developing a secure software development lifecycle (SDLC). It is also often less costly than if undertaken at later stages due to minimal remediation costs.

Kroll leverages a flexible framework that combines advanced tooling with seasoned intelligence. Our approach combines two complementary processes supported by a defined methodology, guiding resources, standard operating procedures and tools. By achieving a balance of accessibility, scalability and agility, we ensure that rather than being an obstacle, threat modelling is an enabler in your application development lifecycle.

Diagram of computer with people

Definition

What is threat modelling?

Threat modelling involves the analysis of an application to identify and mitigate potential design and/or implementation weaknesses to assess how best to protect it. Application threat modelling allows organisations to locate potential weaknesses within a system and find design and implementation issues that require mitigation.

Our threat modelling framework enables developers to undertake application threat modelling with the guidance of a complete knowledge-base of templates, standards, common vulnerabilities, security controls and process documentation. By utilising a wide range of tooling, teams can achieve reliable coverage of common vulnerabilities and more easily verify threat mitigation.

Our program

Our application threat modelling program

There is no one ‘right’ approach to threat modelling. The best strategy for your organisation is the one that works, is consistently used throughout your organisation and supports improvements to enhance your security posture.

However, as the effective and timely analysis of threats demands time and effort, teams can more easily adopt, view results and implement improvements through Kroll’s approach to defining and implementing application threat modelling programs. Our program is made up of three essential components, as defined below.

Core components

Threat modelling framework

The application threat modelling framework is the foundation of our threat modelling program, defining core concepts and terminology. It is also a central resource for our internal threat modelling knowledge base, training materials, tools, templates and guides.

Abuse case and business logic

This process focuses on identifying threats, weaknesses and vulnerabilities unique to the application that cannot be identified using automation. It provides the depth required to uncover potential threats in complex business logic scenarios.

Weaknesses and controls

This process is focused on identifying system weaknesses and the controls that will prevent them, with the support of automation. It uses tooling to identify common and accepted guidance, good practices and design patterns early on in the development lifecycle.

Key principles

Progress first

By aiming for continuous progress, organisations can better recognise incremental steps forward and reduce the risks of becoming stuck while seeking to meet unattainable standards.

Controlled automation

Because automation should increase efficiency and generate value it is important to assess its impact on related processes.

Value diverse viewpoints

By ensuring your process involves diverse experiences, knowledge and viewpoints, you can benefit from better quality and more wide-ranging insights.

Common weaknesses

Weaknesses threat modelling will uncover

While systems vary in architecture, features and technology, they have many security-critical aspects in common. The process of locating and addressing threats in each of these areas is based on well-established patterns and best practices. We help to uncover common weaknesses in:

  • Configuration and deployment management
  • Identity management
  • Authentication and authorisation
  • Session management
  • Input validation
  • Error handling
  • Cryptography
  • Client-side security

FAQ

Frequently asked questions

What is threat modelling?

Application threat modelling is the visualisation of the attack surface of an application in order to identify threats and vulnerabilities that may pose a risk to its functionality or data. This enables development teams to better understand the types of threats and risks the application might be affected by. Threat modelling should be iterative and cyclical to ensure that the threat model is updated as the application changes.

What is the goal of threat modelling?

Threat modelling enables development teams to identify and mitigate potential security issues early on in the development process, when they are easier and more cost-effective to address. It helps teams to gain a better understanding of the application’s attack surface and find entry points attackers could utilise to breach it.

Are dedicated tools and resources required for threat modelling?

The threat modelling process requires the use of specific tools and techniques so that developers and software architects can find potential threats and set up effective controls to detect or resolve threats.

What is the best way to assess the effectiveness of threat modelling?

The threat modelling process involves creating and reviewing a risk matrix. This helps to determine whether a threat is effectively mitigated. OWASP and other key industry standards offer structured guidance on the threat modelling process and outline how it complements application security.

What are some additional advantages of application threat modelling?

Added benefits of threat modelling include the ability to the evaluate new forms of attack and non-standard types of threats, and maximising budgets through more targeted testing and code reviews.

Why can’t issues in applications be identified using penetration testing?

While penetration testing provides valuable insight in helping to identify bugs in code, security assessments such as threat modelling are more effective at uncovering design flaws.

Get in touch

Complete the form for a prompt response from our team.

Two Redscan team members analysing cyber security intelligence

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
29th April 2024
Security leaders anticipate daily AI-driven attacks by year-end
According to new research, the majority of businesses are worried about AI-enabled cyber-threats, with 93% of security leaders anticipating daily attacks of this type by the end of 2024.  
22nd April 2024
Quishing attacks increase tenfold
According to new research, quishing attacks, a type of phishing that leverages QR codes, have significantly increased, rising from 0.8% in 2021 to 10.8% in 2024.
15th April 2024
Half of UK businesses affected by cyber-incident in the past year
According to a new report by the UK government, half of UK businesses have reported a cyber incident or data breach in the past 12 months.  
8th April 2024
Infostealers prominent in retail cyber-attacks
New research has highlighted that the use of infostealers dominated in cyber-attacks on retailers over the past year.