The annual, five-day Open Security Summit is unique on the Information Security conference calendar as it entails security practitioners coming together in working sessions to collaborate on moving the industry practice forward.
This year was unusual however, as it was the first time sessions could not be held in person. Session panelists participated exclusively by video conferencing. As part of this format change, industry vendors were invited to showcase their platforms. ThreatModeler was delighted to be one of the software companies invited.
But we wanted to do more than just demonstrate the platform and were keen to make our own contribution to the threat modeling portion of the summit by introducing our new white paper entitled: Process Flow Diagrams (PFDs) vs Data Flow Diagrams (DFDs) in the Modern Threat Modeling Arena.
That’s not to say that demonstrating the ThreatModeler platform does not in itself move the threat modeling practice forward, as two new features showcased answer some very pertinent pain points.
Pain Point One
Question: How do I keep my threat model relevant and up-to-date in a fast moving, ever changing cloud environment?
Answer: ThreatModeler’s Cloud Accelerator.
This feature allows you to plug ThreatModeler directly into your cloud environment, pull down the “live” infrastructure and convert it to a diagram. Furthermore, this functionality integrates with the cloud’s security tools and determines if your infrastructure meets best practice security guidelines. If it does not, security requirements are suggested to bring your cloud environment in alignment.
Continuous – or periodic – syncs facilitate the detection of changes in the cloud environment. Any drifts from a security standpoint are highlighted and remediations suggested.
This means security architect teams can be made fully aware of their security posture when even rapid changes are made in their cloud environment. As a consequence, DevSecOps can implement the security mitigations required to plug any new gaps as a consequence of those changes.
For example, any introduction of new components brings new threats. In order to address this, ThreatModeler’s drift feature automatically identifies the threats and defines corresponding security requirements.
Pain Point Two
Question: How do users build a secure cloud architecture diagram inside ThreatModeler if they have no architectural security knowledge to begin with?
Answer: ThreatModeler’s Onboard Security Architect
Security Architect makes it simpler to build architectural threat model diagrams based on rules set by AWS and ThreatModeler. The platform provides the user with steps to complete the threat model diagram, and identifies assets, attack vectors and dependencies tied to the components.
As cloud architectural components are selected from the toolbox palette, the onboard security architect leaps to life and makes architectural security suggestions. For example, if an AWS EC2 component is selected, the intelligent onboard security architect detects an AWS security group is required. Furthermore, the user is given the ability for one-click execution and the threat model automatically introduces this critical missing security feature:
The ultimate goal of this functionality is of course to create fully secure cloud threat model architectures in the first place and then convert these to infrastructure-as-code for secure deployment.
The presentation in full may be viewed here.
ThreatModeler’s New White Paper On the DFD vs. PFD-based Threat Modeling Debate
As part of this presentation, much was mentioned from a threat modeling methodological vantage. And this is where ThreatModeler’s new white paper comes in. Titled “Process Flow Diagrams (PFDs) vs. Data Flow Diagrams (DFDs) in the Modern Threat Modeling Arena,” the new paper puts forward an argument that the traditional threat modeling methodology is not suitable for today’s complex and interconnected IT environment:
“ … leveraging Data Flow Diagrams (DFDs) are outmoded and inadequate in a modern, fast-paced, fast-changing, operational and development environment. Process flow diagrams (PFD) in contrast are perfectly suited to uncover and mitigate potential threats to modern systems.
But as the quote by Buckminster Fuller states: “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”
And it is in that spirit we also put forward the Visual Agile Simple Threat Modeling (VAST) paradigm in the paper, which is exemplified in the ThreatModeler platform itself.
The paper may be downloaded here and of course if you wish to see the reality of Process Flow Diagramming and the Visual Agile Simple Threat Modeling methodology in action, we would be happy to give you your own tailored demonstration of the ThreatModeler platform.
And here is the Paper’s abstract to whet your appetite:
Originally popularized by Microsoft in their Open Source Threat Modeling Tool (TMT), data flow diagrams (DFDs) have been the de facto approach to threat modeling in the Information Security profession. As the technology industry has moved towards rapid iterative modular development and deployment, the flaws in continuing to use DFDs have become painfully obvious. This short paper puts forward some of those flaws and the advantages of moving to a more mature Process Flow Diagram (PFD) approach to threat modeling as a solution.