SecAppDev 2019: Day 3

To keep up with the tradition, a short recap of my day at SecAppDev. Today I followed a threat modeling workshop “Whiteboard hacking (aka hands-on treat modeling)” given by Seba Deleersnyder and Thomas Heyman.

This workshop was full of best practices that I was looking for to apply in my daytime job. Like the title promises, it was very hands-on and both trainers are really knowledgeable.

Some of the many important takeaways for me:

• Start with a short session to create a top 3 of Doomsday scenarios. Make sure someone that understands the business value is involved (for instance the product owner). It’s important to define the impact of these scenario in such a way that the technical risk is translated to the according business risk. As an example: when we suffer a data breach, we might get a GDPR fine, reputational damage and customer loss.
• There are often a lot of vulnerabilities identified during threat modeling. The Doomsday scenarios are really helpful to prioritize them. We should focus on vulnerabilities that might lead to a Doomsday scenario, whereas the ones that don’t should be given a lower priority to fix.
• Start with a context model to understand the business and tech context and determine what the most important use cases are. Who or what interacts with this applications?
• Create a data flow diagram.
• Identify and prioritize trust boundaries.
• Create a threat table for the trust boundaries. This table contains the STRIDE analysis of all data flow diagram elements that cross a trust boundary.
• Document the non-mitigate threats, or even better make sure they are added in the bug tracking system or the backlog of the application.
• Always list the assumptions you have made.
• The final outcome, the (potential) vulnerabilities is important. The tools are just a means and must support you to do the job in the most efficient way.
• And many more…

Read more about SecAppDev 2019 day 1 and day 2

Read more about SecAppDev 2019 day 4.