Threat modeling is a structured process to identify, assess, and address any potential threats and vulnerabilities of a system. Threat modeling typically involves identifying the valuable assets that an organization wants to protect, then identifying as well as prioritizing the vulnerability and attack vectors associated with those assets to address the most likely threats. Threat modeling is used to generate an abstraction of the system; profiles of the potential adversary, including adversary’s capabilities, goals, motivations, and methods; and a list of potential threats that may arise in the future. Threat modeling helps to define valuable assets and the possible attacks that they are likely to face. The purpose of threat modeling is to determine where the most effort should be applied to keep a system secure.
Three main elements of threat modeling:
After inventorying and categorizing the valuable assets that an adversary may be able to attack, the organization tries to find out all vulnerabilities inherent in their systems that could lead to the compromise of their confidentiality, integrity, or availability. Organization then asks the question, “Who would want to exploit this vulnerability, and why?” This question leads the cyber threat intelligence team to a deliberate analysis of their potential adversaries, their motivations, and their capabilities.