Global AppSec DC 2019

Threat Modeling is a great way to identify security risk by structuring possible attacks, bad actors and security controls over a broad view of the targeted system.

Most people do threat modeling by documenting risk textually but visual representations can be powerful. This talk will show listeners how to build flow diagrams to analyze system risk using graphical tools. We’ll explore flow diagram components and how to graph them using a whiteboard and vector graphics software. We’ll also see how to create the diagrams as code using Python with the open source tool pytm. Putting your threat model in code allows you to refactor the model easily. It also gives you the freedom to generate multiple type of views from the same input and reuse parts of the model easily.

While serving as an introduction, this presentation also gives away a few tricks to make threat modeling handy in the real world. With flow diagrams, having a clear one pager with information at a glance offer some advantages over other detailed methods. For example, adding a simple security controls table on the same page can be used as a way of communicating requirements to development teams.

Modeling concepts will be demonstrated using different examples that are part of an OWASP Project collecting open sourced diagrams.