5. 2. 2019

Threat modeling

Threat modeling

Unlike threat assessments, threat modeling is a process of identifying all potential threats, such as structural issues, scenarios, vulnerabilities, accessible exploits, attackers, and effects.

Relevant application​

Threat modeling should ideally be performed during the design process and always repeated after any major changes. At the basic level, threat modeling detects, documents, and maps the relationships between attackers, vulnerabilities, attacks, countermeasures and the impacts it has on business, the organization and processes within your environment.

Our procedure​

Customarily, we begin with an attacker and a set attack scenario. Subsequently, we proceed until we detect the vulnerabilities which can be abused and the means thereof; we define countermeasures and determine how to stop them; finally, we quantify the impacts on your activities.

In addition to experts on individual security domains, our team is also comprised of a group of experts knowledgeable in the area in which you operate. That’s why our team is made up of experts in, for example, control systems, SAP, manufacturing, energy, procedural management and other areas unorthodox for security firms.

Result

The documentation of input parameters, assessment methods, and a description of residual risks after the implementation of certain measures. The report will include tactical and strategic recommendations in addition to the actual threat assessment.