Organizations are starting to warm up to the idea that they need to implement threat modeling. After all, it’s not just good business, but in many cases, it’s mandatory.
For example, a number of regulatory and standards bodies now mandate threat modeling. In the U.S., these include the National Institute of Standards and Technology (NIST), the Food and Drug Administration (FDA) and the Federal Trade Commission (FTC). Internationally, the International Organization for Standardization (ISO) requires threat modeling for automobiles.
Not too long after a company embraces the idea of instituting a threat modeling process, they begin to look for commercially available tools to help automate some or most of their threat modeling effort. In this article, we’ll give a quick overview of five capabilities you should look for in a threat modeling tool.
Threat modeling works best as a collaborative effort. For example, the people who create threat models and the people who review them should be different people, and those two roles need to collaborate on each threat model.
A good threat modeling tool supports easy collaboration. Some things to look for, which support collaboration, are role-based access control (RBAC), single-sign-on (SSO) integration, reporting and a dashboard. Additionally, it’s preferable to not be charged by the user, as this discourages widespread use of the tool (thereby stifling collaboration).
Let’s face it, a threat modeling tool that integrates seamlessly into a company’s SDLC is going to get used more often than a stand-alone tool. And since modern SDLCs are continuous, modern threat modeling tools must also be continuous.
One thing to look for is whether the tool integrates with the other SDLC tools you’re already using, such as JIRA, Jenkins and GitHub. Also, does it have the ability to continuously monitor a changing cloud environment? That’s an extremely useful capability in cloud deployments.
You just can’t threat model effectively without a visual diagram. You need to be able to visualize both data flows and process flows. But what separates one tool from another when diagramming is the level of detail associated with each component in the diagram.
You’ll want to look for two things in a threat modeling tool when it comes to diagramming. First, you should be able to create the diagram in several different ways, including from scratch, by importing a file (e.g., VSDX), from a template and from a pre-designed threat model.
Second, you’ll want each component in the diagram to have a great level of detail. Things to look for in each component include threats, security requirements, regulatory requirements, mitigations, protocols and test cases.
Wouldn’t it be nice if different people in your organization, with different degrees of security expertise, all produced the same threat model for the same application? That’s the idea of a repeatable threat modeling process, one that is facilitated by a repeatable threat modeling tool.
Features to look for in a threat modeling tool that support repeatability include codified best practices, libraries, the use of templates, incorporation of threat frameworks and even pre-built threat models.
If you only need to produce a handful of threat models, you may not even need a threat modeling tool—maybe Visio and Excel will do the trick. But if you need to do thousands or tens of thousands of threat models, not only will you need a threat modeling tool, but you’ll need one that scales.
First and foremost, to be scalable, a threat modeling tool must be web-based. That’s the only feasible way to accommodate a geographically diverse workforce. Other features that support scalability include automated processes, programmable workflows, APIs (to support third-party integrations) and the ability to handle thousands of threat models.
Now the question becomes, is there such a threat modeling tool that includes all these capabilities? Yes. ThreatModeler.
ThreatModeler was designed from day one to be collaborative, continuous, visual, repeatable, and scalable. And ThreatModeler is as close to one-click threat modeling as there is today. If you’d like to learn more about ThreatModeler, you can contact us here.