The Threat Assessment (TA) practice focuses on identifying and understanding of project-level risks based on the functionality of the software being developed and characteristics of the runtime environment. From details about threats and likely attacks against each project, the organization as a whole operates more effectively through better decisions about prioritization of initiatives for security. Additionally, decisions for risk acceptance are more informed, therefore better aligned to the business.
By starting with simple threat models and building application risk profiles, an organization improves over time. Ultimately, a sophisticated organization would maintain this information in a way that is tightly coupled to the compensating factors and pass-through risks from external entities. This provides greater breadth of understanding for potential downstream impacts from security issues while keeping a close watch on the organization’s current performance against known threats.
|Maturity level||Stream AApplication Risk Profile||Stream BThreat Modeling|
|1||Consider security explicitly during the software requirements process.||A basic assessment of the application risk is performed to understand likelihood and impact of an attack.||Perform best-effort, risk-based threat modeling using brainstorming and existing diagrams with simple threat checklists.|
|2||Increase granularity of security requirements derived from business logic and known risks.||Understand the risk for all applications in the organization by centralizing the risk profile inventory for stakeholders.||Standardize threat modeling training, processes, and tools to scale across the organization.|
|3||Mandate security requirements process for all software projects and third-party dependencies.||Periodically review application risk profiles at regular intervals to ensure accuracy and reflect current state.||Continuously optimization and automation of your threat modeling methodology.|