Risk Centric Threat Modeling - Tony UcedaVelez - E-Book

Risk Centric Threat Modeling E-Book

Tony UcedaVelez

Description

This book introduces the Process for Attack Simulation & Threat Analysis (PASTA) threat modeling methodology. It provides an introduction to various types of application threat modeling and introduces a risk-centric methodology aimed at applying security countermeasures that are commensurate with the possible impact that could be sustained from defined threat models, vulnerabilities, weaknesses, and attack patterns. This book describes how to apply application threat modeling as an advanced preventive form of security. The authors discuss the methodologies, tools, and case studies of successful application threat modeling techniques. Chapter 1 provides an overview of threat modeling, while Chapter 2 describes the objectives and benefits of threat modeling. Chapter 3 focuses on existing threat modeling approaches, and Chapter 4 discusses integrating threat modeling within the different types of Software Development Lifecycles (SDLCs). Threat modeling and risk management are the focus of Chapter 5. Chapter 6 and Chapter 7 examine the Process for Attack Simulation and Threat Analysis (PASTA). Finally, Chapter 8 shows how to use the PASTA risk-centric threat modeling process to analyze the risks of specific threat agents targeting web applications. This chapter focuses specifically on the web application assets, which include customers' confidential data and the business-critical functionality that the web application provides.

* Provides a detailed walkthrough of the PASTA methodology alongside software development activities, normally conducted via a standard SDLC process
* Offers precise steps to take when combating threats to businesses
* Examines real-life data breach incidents and lessons for risk management

Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis is a resource for software developers, architects, technical risk managers, and seasoned security professionals.


Page count: 1360

Publication year: 2015




Table of Contents

Cover

Title Page

Copyright

Dedication

FOREWORD

PREFACE

REFERENCE

LIST OF FIGURES

LIST OF TABLES

CHAPTER 1: THREAT MODELING OVERVIEW

DEFINITIONS

ORIGINS AND USE

SUMMARY

RATIONALE AND EVOLUTION OF SECURITY ANALYSIS

SUMMARY

BUILDING A BETTER RISK MODEL

SUMMARY

THREAT ANATOMY

SUMMARY

CROWDSOURCING RISK ANALYTICS

CHAPTER 2: OBJECTIVES AND BENEFITS OF THREAT MODELING

DEFINING A RISK MITIGATION STRATEGY

IMPROVING APPLICATION SECURITY

BUILDING SECURITY IN THE SOFTWARE DEVELOPMENT LIFE CYCLE

IDENTIFYING APPLICATION VULNERABILITIES AND DESIGN FLAWS

ANALYZING APPLICATION SECURITY RISKS

CHAPTER 3: EXISTING THREAT MODELING APPROACHES

SECURITY, SOFTWARE, RISK-BASED VARIANTS

CHAPTER 4: THREAT MODELING WITHIN THE SDLC

BUILDING SECURITY IN SDLC WITH THREAT MODELING

INTEGRATING THREAT MODELING WITHIN THE DIFFERENT TYPES OF SDLCs

CHAPTER 5: THREAT MODELING AND RISK MANAGEMENT

DATA BREACH INCIDENTS AND LESSONS FOR RISK MANAGEMENT

THREATS AND RISK ANALYSIS

RISK-BASED THREAT MODELING

THREAT MODELING IN INFORMATION SECURITY AND RISK MANAGEMENT PROCESSES

THREAT MODELING WITHIN SECURITY INCIDENT RESPONSE PROCESSES

CHAPTER 6: INTRO TO PASTA

RISK-CENTRIC THREAT MODELING

CHAPTER 7: DIVING DEEPER INTO PASTA

EXPLORING THE SEVEN STAGES AND EMBEDDED THREAT MODELING ACTIVITIES

CHAPTER SUMMARY

CHAPTER 8: PASTA USE CASE

PASTA USE CASE EXAMPLE WALK-THROUGH

GLOSSARY

INFORMATION SECURITY AND RISK MANAGEMENT TERMINOLOGY

REFERENCES

INDEX

End User License Agreement

List of Illustrations

CHAPTER 1: THREAT MODELING OVERVIEW

Figure 1.1 Relating Environmental Factors to Attacks

Figure 1.2 Developing Metrics in Threat Modeling

Figure 1.3 Development Factors Affecting Scalability

Figure 1.4 Cyber Crime Motives

Figure 1.5 Simple Data Flow Diagram supporting Threat Model

Figure 1.6 More Evolved Data Flow Diagram supporting Threat Model

Figure 1.7 STRIDE Threat Classification Visual Example

Figure 1.8 Incorporating Vulnerabilities within the Threat Model

Figure 1.9 Vulnerability Mapping

Figure 1.10 Sample Attack Tree

Figure 1.11 Deriving Risk via the Application Threat Model

CHAPTER 2: OBJECTIVES AND BENEFITS OF THREAT MODELING

Figure 2.1 Example of Use Case Diagram 1

Figure 2.2 Manual and Automated Vulnerability Assessments

Figure 2.3 Example of Data Flow Diagram

Figure 2.4 Root Causes versus Symptoms

CHAPTER 3: EXISTING THREAT MODELING APPROACHES

Figure 3.1 Essential Process Areas for Threat Modeling

Figure 3.2 Security Areas for Greater Unity via Threat Modeling

Figure 3.3 Process Overview of Vulnerability Assessment Integration to Threat Modeling

Figure 3.4 Building Security Process in System/Network Administration from Threat Modeling

Figure 3.5 Security Centric DFD for Distributed Attacks

Figure 3.6 Components Represented by DREAD Risk Model

Figure 3.7 Stages of PASTA Threat Modeling Methodology

Figure 3.8 Cone of Fire Encompassing Multiple Targets

Figure 3.9 Relationship among Assets, Use Cases, Actors in Application Decomposition

Figure 3.10 Interrelated Asset Variables within an Application Environment

Figure 3.11 Factors Influencing Attacks

CHAPTER 4: THREAT MODELING WITHIN THE SDLC

Figure 4.1 Threat Tree

Figure 4.2 Use and Misuse Case of User Log-on

Figure 4.3 Sketched Architectural Diagram

Figure 4.4 Data Flow Diagram

Figure 4.5 Mapping Threats Vulnerabilities and Countermeasures

Figure 4.6 RUP SDLC

Figure 4.7 Integrating Security in the Agile SDLC

Figure 4.8 Integrating Security in the Agile Sprints

Figure 4.9 Integration of Threat Modeling in MS SDL

Figure 4.10 SDL Phases

Figure 4.11 Generic Online Banking Application Threat Model

CHAPTER 5: THREAT MODELING AND RISK MANAGEMENT

Figure 5.1 HPY Stock Price at the Time of the Data Breach Disclosure (January 20, 2009)

Figure 5.2 Characterization of Risk by considering Threats, Vulnerabilities, and Assets

Figure 5.3 Five (5) Level Risk Calculation Heat Map

Figure 5.4 Threat-Vulnerability-Asset Risk Calculation Heat Map

Figure 5.5 Overall Threat-Vulnerability Domain

Figure 5.7 Risk Calculation and Management Heat Map

Figure 5.8 NIST Risk Assessment mapping to Application Threat Modeling

Figure 5.9 Dissecting Cyber-Threats

Figure 5.10 Phases of Security Incident Handling Process (NIST via Coordinated Response)

CHAPTER 6: INTRO TO PASTA

Figure 6.1 Impacting Factors Across PASTA: A Checklist for Success

Figure 6.2 Threat Modeling Team Selection

Figure 6.3 Business Cross Section of a Threat Modeling Team

Figure 6.4 IT Operations Cross Section of a Threat Modeling Team

Figure 6.6 GRC Cross Section of a Threat Modeling Team

Figure 6.7 Givens Before PASTA Walk-Through

Figure 6.8 PASTA RACI Model

CHAPTER 7: DIVING DEEPER INTO PASTA

Figure 7.1 Deriving Use Cases from Business Objectives

Figure 7.2 Converging Security, Compliance, and Privacy Requirements in Stage I

Figure 7.3 Hierarchy of Objectives Addressed by PASTA

Figure 7.4 Relating Compliance to Business Impact

Figure 7.5 Business and InfoSec Balance in Stage I

Figure 7.6 PASTA Roles for Stage I

Figure 7.7 PASTA Risk-Centric Threat Modeling – Stage I – (DO) Definition of the Objectives

Figure 7.8 Software/Data Enumeration Containers

Figure 7.9 Stage III Application Containers

Figure 7.10 PASTA Risk-Centric Threat Modeling – Stage II – (DTS) Definition of the Technical Scope

Figure 7.11 Enumeration of Use Cases, Services, Stored Procedures, Batch Scripts, and Actors

Figure 7.12 Use Case to Application Component Mapping

Figure 7.13 Common Syntax of Symbols for DFDS

Figure 7.14 Data Flow Authentication Example

Figure 7.15 Data Flow for Data Exchange Across Two Entities

Figure 7.16 DFD Example Using Physical Boundaries for Organizing Components

Figure 7.17 Whiteboard DFD of User Self-Enrollment

Figure 7.18 DFD Health-Care Example Using Container Approach

Figure 7.19 DFD Using Architectural Considerations for Component Grouping

Figure 7.20 Spectrum of Trust for Defining Trust Boundaries Across Architecture

Figure 7.21 Decomposing Mobile Web App Example

Figure 7.22 API from Stores Local Transaction Server with the Following Metadata

Figure 7.23 PASTA Risk-Centric Threat Modeling – Stage III – (ADA) Application Decomposition and Analysis

Figure 7.24 Areas to Consider around Threat Evaluation

Figure 7.25 Sample Threat Possibilities per Industry

Figure 7.26 Mapping of Threat Agents to Asset Targets

Figure 7.27 PASTA Risk-Centric Threat Modeling – Stage – IV (TA) Threat Analysis

Figure 7.28 Missing Architectural Countermeasures among Application Components

Figure 7.29 Abuse Cases & Vulnerability Branch to Attack Tree Added

Figure 7.30 Logical Flow Considering Threats to Assets to Vulnerabilities

Figure 7.31 Targeted Application Testing in Web Applications

Figure 7.32 PASTA Risk-Centric Threat Modeling – Stage V – (WVA) Weakness and Vulnerability Analysis

Figure 7.33 Linearly Thinking about Attack Patterns

Figure 7.34 Snapshot of Related Control from CAPEC ID in Library

Figure 7.35 Completed Attack Tree

Figure 7.36 MITRE CAPEC Library Snapshot – CAPEC 117

Figure 7.37 Vulnerability Portion of Attack Tree

Figure 7.38 Attack Pattern Portion of Attack Tree

Figure 7.39 PASTA Risk-Centric Threat Modeling – Stage VI – (AMS) Attack Modeling and Simulation

Figure 7.40 Visualization of Attack and Countermeasures

Figure 7.41 Data Flow Diagram With Architectural Risk Analysis of Vulnerabilities and Controls

Figure 7.42 Completed Attack Tree w/Countermeasures

Figure 7.43 PASTA Risk-Centric Threat Modeling – Stage VII – (RAM) Risk Analysis and Management

CHAPTER 8: PASTA USE CASE

Figure 8.1 PASTA Threat Modeling: Stages and Activities

Figure 8.2 Entering Business Functional Requirements/Use Cases Using the ThreatModeler™ Threat Modeling Tool

Figure 8.3 ThreatModeler™ Tool Wizard Capturing the Level of Risk for the Project HackMe Bank

Figure 8.4 HackMe Bank Users

Figure 8.5 Representation of a Bank Account Query Transaction Through the Different Tiers of an Online Banking Application

Figure 8.6 Internal Services Deployed with the Application Architectural Components

Figure 8.7 ThreatModeler™ Association of Widgets with Client Components

Figure 8.8 Architecture of Online Banking Application

Figure 8.9 Component-Based Functional Use Cases of Online Web Application

Figure 8.10 Data Flow Diagram for Online Banking Application

Figure 8.11 Functional Component Trust Boundaries Using ThreatModeler™

Figure 8.12 Campaign of DDoS Attacks Against Banking Sites Announced by AQCF Threat Agent Group

Figure 8.13 Ontology of (STIX) Structured Language for Cyber Threat Intelligence Information

Figure 8.14 Example of Kill-Chain (Courtesy of MITRE corp)

Figure 8.15 Web Incident Hacking Database Attack Library

Figure 8.16 ThreatModeler™ Tool Threat Library

Figure 8.17 Threat Model Using STRIDE per Element

Figure 8.18 Threat Risk Factors

Figure 8.19 Threat Dashboard with Threat Risk and Status

Figure 8.20 OSVDB Open Source Vulnerability Database source

Figure 8.21 Architectural Risk Analysis Component of ThreatModeler™

Figure 8.22 Architectural Risk Analysis of Authorization Controls

Figure 8.23 Threat Tree (Source OWASP)

Figure 8.24 Mapping of Threats with Vulnerabilities of Different Application IT Assets

Figure 8.25 Number of Attacks Observed in 6 Months by Imperva 2013 WAAR

Figure 8.26 Test Cases to Validate Vulnerabilities at Component Functional Level ThreatModeler™

Figure 8.27 Sequence of Events Followed in Banking Trojan Attacks

Figure 8.28 Anatomy of Account Takeover and Fraudulent Wire Transfer

Figure 8.29 Attack Vectors Used in Banking Trojan Malware, Source OWASP Anti-Malware Knowledge Base

Figure 8.30 CVEs Exploited by Drive-By-Download Attacks

Figure 8.31 CAPEC Attack Pattern for HTTP DoS

Figure 8.32 Engineering for Attacks Source MITRE

Figure 8.33 WHID Attack Library in ThreatModeler™

Figure 8.34 Banking Malware Attack Tree

Figure 8.35 Use and Abuse Cases for MFA Controls

Figure 8.36 Threat-Level Security Test Cases

Figure 8.37 Threat and Risk Dashboard

Figure 8.38 Risk Calculation Heat Map

Figure 8.39 ThreatModeler™ Threat-Risk Management Dashboard

Figure 8.40 ThreatModeler™ Threats to Functional Components and Security Controls That Mitigate These Threats

Figure 8.41 High Level View of Threats-Attacks-Vulnerabilities-Countermeasures of Online Banking Application

List of Tables

CHAPTER 1: THREAT MODELING OVERVIEW

Table 1.1 Correlating Environmental Factors to Attack Motives – SAMPLE

Table 1.2 Correlating Motives to Application Threat Vectors

Table 1.3 Recommended Frequency for Environmental Threat Factor Analysis

Table 1.4 Key Reasons App_Sec Fails Today

Table 1.5 Threat Modeling Benefits for Various Roles

Table 1.6 Threat Model Stack

Table 1.7 Taxonomy of Attack Terms

Table 1.8 Tools for Testing

Table 1.9 Elements of Risk – Generic Listing of Key Risk Components

CHAPTER 2: OBJECTIVES AND BENEFITS OF THREAT MODELING

Table 2.1 Application Security Roles, Responsibilities, and Benefits

Table 2.2 Example of Threats and the Technical and Business Impacts

Table 2.3 Criteria for Threat Modeling Scope

Table 2.4 Criteria for Application Threat Modeling Updates

Table 2.5 Mapping of Threats to Vulnerabilities

CHAPTER 3: EXISTING THREAT MODELING APPROACHES

Table 3.1 Example of Mapping Threat Modeling Efforts to Security Processes

Table 3.2 Security Experience Meets Threat Modeling

Table 3.3 Factors Affecting Time Requirements for Threat Modeling

Table 3.4 DFD Symbols (Microsoft ACE Team) (59)

Table 3.5 Traditional Network-Based Denial of Service Attacks

Table 3.6 STRIDE Threat Categorization Table (60)

Table 3.7 Example of STRIDE Classification Model

Table 3.8 Threat Rating Table Example

Table 3.9 Sample Risk Rating Exercise Using DREAD

Table 3.10 DREAD Risk Rating Applied to Sample Threat

Table 3.11 Security Objectives in support of Business Objectives

Table 3.12 Application Decomposition for Mobile J2ME App

Table 3.13 MITRE's Security Content

CHAPTER 5: THREAT MODELING AND RISK MANAGEMENT

Table 5.1 Example of Assignment of Risks Of A Threat Event based upon probability of the event and impact on the asset

CHAPTER 6: INTRO TO PASTA

Table 6.1 Enterprise Process Mapping to PASTA Threat Modeling Methodology

Table 6.2 Artifacts for Making PASTA

CHAPTER 7: DIVING DEEPER INTO PASTA

Table 7.1 Relating Business Objectives to Security Requirements

Table 7.2 Enumeration of Business Requirements to Understood Use Cases

Table 7.3 Governance Artifacts Relevant to Stage I of PASTA

Table 7.4 Considerations for Factoring Business Impact

Table 7.5 Possible Inherent Risk Issues by Application Type

Table 7.6 Simple CRUD Mapping Across a Product Application

Table 7.7 Software Enumeration from Automated Tools

Table 7.8 Free Hardening Guidelines/Tools for Inherent Risk Mitigation or Blind Threat Modeling (Stage II – PASTA)

Table 7.9 Sample Identification of Use Cases for Health-Care Application

Table 7.11 Deriving Use Cases from Functional Requirements

Table 7.10 Hypothetical Functional Requirements/Objectives for Marketing Application

Table 7.12 Sample Threat Considerations for Various Applications

Table 7.13 VERIS Framework of IR Metrics

Table 7.14 Threat Analysis of a Mobile Based Loan Application Serving Higher Ed

Table 7.15 Threat Analysis for Bluetooth Enabled Medical Device

Table 7.16 Threat Analysis Artifact against a Single Asset/ Use Case

Table 7.17 Labeling Relevant Threat Modeling Variables during Targeted Assessment Efforts

Table 7.18 Attack Considerations for POS at Restaurants

Table 7.19 Residual Risk Analysis

CHAPTER 8: PASTA USE CASE

Table 8.1 Sensitive Data Analysis and Business Requirements of Online Banking Application

Table 8.2 Online Banking Application Risk Profile

Table 8.3 Online Banking Application Components S/W Technology Stack

Table 8.4 Online Banking Web Application: Data Interfaces

Table 8.5 Security Function Transactional Analysis

Table 8.6 Overall Cyber-Threat Scenarios Affecting Financial IT Systems and Applications

Table 8.7 Structured Threat Information eXpression (STIX) Architecture vs 3.0

Table 8.8 Example of Description of Browser Exploit Threat Using STIX

Table 8.9 STRIDE Threat List

Table 8.10 Application Security Frame

Table 8.11 Secure Architecture Design Guidelines

Table 8.12 Mapping of OWASP-WASC and CWE Source CriticalWatch: OWASP to WASC to CWE Mapping, Correlating Different Industry Taxonomy

Table 8.13 Malware Banking Trojan Kill-Chain and Security Measures

Table 8.14 Attack Vectors Used By Banking Malware

Table 8.15 DDoS Attack Vectors Extracted from the Analysis of DDoS Attacks Against Web Applications

Table 8.16 CAPEC SQL Injection Attack Sequence 1. Determine User-Controllable Input Susceptible to Injection

Table 8.17 CAPEC SQL Injection Attack Sequence 1. 2. Experiment and try to exploit SQL Injection Vulnerability

Table 8.18 CWEs Exploited in SQL Injection Attacks (CAPEC SQL Injection)

Table 8.19 CAPEC-66 Security Requirements For Mitigation of Risk of SQL Injection Attacks

Table 8.20 Attack Surface of Online Banking Application

Table 8.21 Malware-Based-Attack-Driven Security Test Cases

Table 8.22 DDoS Attack Driven Security Test Cases

Table 8.23 Security Measures Proposed to Mitigate the Risks of Malware Banking and DDoS Threats

RISK CENTRIC THREAT MODELING

Process for Attack Simulation and Threat Analysis

TONY UCEDAVÉLEZ AND MARCO M. MORANA

Copyright © 2015 by John Wiley & Sons, Inc. All rights reserved

Published by John Wiley & Sons, Inc., Hoboken, New Jersey

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permission.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Cataloging-in-Publication Data:

Tony UcedaVélez

Risk Centric Threat Modeling : process for attack simulation and threat analysis / Tony UcedaVélez, Marco M. Morana

pages cm

Summary: “This book describes how to apply application threat modeling as an advanced preventive form of security”– Provided by publisher.

Includes bibliographical references and index.

ISBN 978-0-470-50096-5 (hardback)

1. Data protection. 2. Computer security. 3. Management information systems–Security measures. 4. Computer networks–Security measures. 5. Risk assessment. I. UcedaVélez, Tony, 1976- II. Title.

HF5548.37.M67 2015

658.4′7011–dc23

2015000692

Cover Image: Courtesy of Fromold Books, http://www.fromoldbooks.org/

To Suzanne, my patient and loving wife, who supported me throughout the five years of writing and research; thank you for your patience and endless support. –Marco

To Heidi, Simon, Serina, Sofia, Samson. For all the soccer balls I missed to kick in the backyard, the tea times I failed to sit in, and the date nights I couldn't make due to fulfilling this project, this is for you. Deo gratias. Deus lux Mea. –Tony

Special thanks to Sarah Varnell and Caitlyn Patterson (VerSprite) for all of their review, edits, and writing guidance.

FOREWORD

The cover page of this book includes a drawing from George Kruger Gray's “The Siege of the Castle.” The picture depicts castles under siege and illustrates the challenge of protecting against the different attacks used in the Middle Ages, such as siege equipment (mobile armored shelters, ladders, and wheeled ramps) used by attackers trying to scale the walls built to protect the castles. This picture is a stark reminder of the challenges that cyber-security faces in defending against the cyber-attacks of the modern era. In the Middle Ages, attackers stormed the castle from different positions, bypassing the defensive walls and breaking through the main castle doors. In the modern era, attackers strike from the different data interfaces that are available, breaking into the applications' user and data interfaces and attacking the firewalls and application access controls. This picture is also a reminder that defenses such as castle walls, fortified gateways, towers, turrets, arrow loops, drawbridges, and moats become obsolete with the emergence of new threats. In the case of castle defenses, this was the increased presence of gunpowder weapons, such as cannons, in the fourteenth century. In the case of cyber-defenses, the emergence of sophisticated cyber-crime tools that can successfully bypass security defenses such as anti-viruses, firewalls, and user authentication requires that we remain vigilant, monitoring and improving our defenses before they are rendered obsolete.

Continue reading in the full edition!