How Developers Can Easily Learn to do Threat Modeling

The Evolving SDLC Paradigm

MOST RECENT POSTS

When considering the evolution of the software development lifecycle, the first thing that comes to mind is the shift from waterfall to agile. The shift to agile was driven by the need for software development to be, well, more agile. From Catalyst Investors, “The software development lifecycle (SDLC) experienced a paradigm shift when, driven by demand for more rapid innovation, traditional practices gave way to agile development methods that became commonplace amongst DevOps teams.”

Immediately on the tail of the change in development philosophy, came the need for new software development tools. From Catalyst, “As the development methods became more iterative in nature, developers required a new set of tools to not only enable but also accelerate the software development process, resulting in the proliferation of DevOps tools.”

Today, agile approaches are firmly entrenched in the SDLC, but that doesn’t mean the evolution has ceased. It continues to evolve. However, the critical success factor for SDLC is no longer migrating from waterfall to agile. Today, it’s about following continuously-evolving best practices. And one of the most important best practices today is that software development must become secure software development.

The New Definition of SDLC

SDLC now stands for Secure Development Lifecycle. According to Jim Manico, OWASP board member, this new SDLC’s best practices include the following:

  • Secure coding checklist
  • Static and dynamic code analysis
  • Security awareness training
  • Threat modeling
  • Application security risk matrix

Why is secure software development considered a new essential best practice? Because according to NIST, IBM and Gartner Group, “The cost of removing an application security vulnerability during the design phase ranges from 30-60 times less than if removed during production.”

The Main Paradigm Shift

The main paradigm shift in secure software development is the heightened focus on threat assessment. From Bart De Win, Ph.D. and OWASP chapter co-leader, “The goal of this practice is to focus on the attacker perspective of things.” This specifically includes identifying and understanding high-level threats and tying compensating controls to each threat. If all this sounds a lot like threat modeling, that’s because it is.

According to Dr. De Win, the number one activity in threat assessment is to “Build and maintain application-specific threat models.” And he’s not alone in his thinking. From the SAFECode Fundamental Practices for Secure Software Development, Third Edition, [threat modeling] “has proven to be one of the best return on investment activities for identifying and addressing design flaws before their implementation into code.” But, timing of implementation is critical.

Timing is Critical

From SAFECode, “The greatest benefit from threat modeling is realized when it is performed early in the development lifecycle before code is committed. Even if that cannot be achieved, threat modeling provides value in mapping out a system to understand and prioritize its weaknesses. Downstream activities such as static analysis, security testing and customer documentation can be greatly guided and focused based on the context provided by threat modeling.”

SAFECode simply confirmed what NIST, IBM and Gartner Group already knew: threat modeling is not only a best practice in the evolving SDLC, it’s also smart business.

If you’re ready to  make threat modeling a best practice in your SDLC, sign up for a free demo from the number on name in threat modeling, Threat Modeler.

Leave a Reply

You must be logged in to post a comment.