I really like the "Threat Modeling 101 – Wie fange ich eigentlich an?" blog post by Kevin Peters at CodeCentric as a nice, still high-level overview:
- it follows the OWASP threat modeling four-question framework:
  - What are we working on?
  - What can go wrong?
  - What are we going to do about it?
  - Did we do a good job?
- OWASP Threat Dragon as the modelling tool
  - including data flows, data-transforming processes and external services
  - with the different possible focus:
    - asset oriented: what do we even want to protect?
    - software focused: how does the tech stack interact?
    - risk oriented: see the "Process for Attack Simulation and Threat Analysis" (PASTA) framework
    - attacker point of view: what motivation, resources and skill level?
Once aware of the threats, the usual options are there: mitigate the weak point, eliminate it to get rid of the weak path, shift the responsibility, or accept the risk. Then repeat.
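To make the four-question loop concrete, here is an added example (my own, not code from the CodeCentric post or from Threat Dragon) that encodes a tiny data-flow model in Python: elements with a trust zone, flows between them, a rule that derives "what can go wrong" from flows crossing a trust boundary, a treatment decision (mitigate / eliminate / transfer / accept) per threat, and a final check that nothing is left undecided. The element types, the boundary rule, the sample system and the decisions are all constructed assumptions for illustration, not anything the post prescribes.

```python
"""Four-question threat-modeling loop over a small data-flow model.
Added example; the model, rules and sample system are constructed."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Tuple


class Kind(Enum):
    PROCESS = "process"   # data-transforming process
    STORE = "store"       # data store
    EXTERNAL = "external" # external service or party


class Treatment(Enum):
    MITIGATE = "mitigate"   # reduce the weak point
    ELIMINATE = "eliminate" # remove the weak path entirely
    TRANSFER = "transfer"   # shift responsibility (e.g. to a provider)
    ACCEPT = "accept"       # consciously accept the residual risk


@dataclass(frozen=True)
class Element:
    name: str
    kind: Kind
    zone: str  # trust zone; a flow between different zones crosses a boundary


@dataclass(frozen=True)
class Flow:
    src: Element
    dst: Element
    data: str
    encrypted: bool = False
    authenticated: bool = False


@dataclass
class Threat:
    key: str          # stable id: "<src>-><dst>:<tag>"
    description: str
    treatment: Optional[Treatment] = None
    note: str = ""


def what_can_go_wrong(flows: List[Flow]) -> List[Threat]:
    """Question 2: derive candidate threats from each flow (constructed rules)."""
    threats: List[Threat] = []
    for f in flows:
        prefix = f"{f.src.name}->{f.dst.name}"
        crosses = f.src.zone != f.dst.zone
        if crosses and not f.encrypted:
            threats.append(Threat(f"{prefix}:unencrypted",
                f"'{f.data}' crosses {f.src.zone}->{f.dst.zone} in the clear"))
        if crosses and not f.authenticated:
            threats.append(Threat(f"{prefix}:unauthenticated",
                f"'{f.data}' arrives at {f.dst.name} from an unverified peer"))
        if f.src.kind is Kind.EXTERNAL:
            threats.append(Threat(f"{prefix}:untrusted-input",
                f"'{f.data}' is input from an external party and must be validated"))
    return threats


def apply_decisions(threats: List[Threat],
                    decisions: Dict[str, Tuple[Treatment, str]]) -> None:
    """Question 3: attach a treatment and justification to each decided threat."""
    for t in threats:
        if t.key in decisions:
            t.treatment, t.note = decisions[t.key]


def did_we_do_a_good_job(threats: List[Threat]) -> List[Threat]:
    """Question 4: return threats still open (undecided, or accepted without a note)."""
    return [t for t in threats
            if t.treatment is None or (t.treatment is Treatment.ACCEPT and not t.note)]


def build_sample_model() -> List[Flow]:
    """Question 1: a constructed web shop with a browser, app, DB and payment provider."""
    browser = Element("browser", Kind.EXTERNAL, "internet")
    webapp = Element("webapp", Kind.PROCESS, "dmz")
    db = Element("db", Kind.STORE, "internal")
    payment = Element("payment", Kind.EXTERNAL, "third-party")
    return [
        Flow(browser, webapp, "login credentials", encrypted=True, authenticated=False),
        Flow(webapp, db, "session records", encrypted=False, authenticated=True),
        Flow(webapp, payment, "card token", encrypted=True, authenticated=True),
        Flow(payment, webapp, "payment result webhook", encrypted=True, authenticated=False),
    ]


def run_example() -> Tuple[List[Threat], List[Threat]]:
    """Run one pass of the loop; returns (all threats, threats still open)."""
    threats = what_can_go_wrong(build_sample_model())
    decisions = {  # constructed decisions; one threat is deliberately left open
        "browser->webapp:unauthenticated": (Treatment.ACCEPT, "login is unauthenticated by design; rate-limited"),
        "browser->webapp:untrusted-input": (Treatment.MITIGATE, "validate and length-limit credentials"),
        "webapp->db:unencrypted": (Treatment.MITIGATE, "enable TLS on the DB connection"),
        "payment->webapp:unauthenticated": (Treatment.MITIGATE, "verify the webhook signature"),
    }
    apply_decisions(threats, decisions)
    return threats, did_we_do_a_good_job(threats)


if __name__ == "__main__":
    found, still_open = run_example()
    for t in found:
        print(f"{t.key}: {t.description} -> {t.treatment.value if t.treatment else 'OPEN'}")
    print(f"{len(still_open)} open item(s); repeat the loop until this is zero.")
```

The open list at the end is the "repeat" step: the webhook's untrusted-input threat has no decision yet, so the next iteration starts there. Swapping in a richer model (more element kinds, more rules) changes only `what_can_go_wrong`; the four-question structure stays the same.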