Threat modelling is the process where potential threats are identified, categorized, and analyzed. There are two approaches for Threat Modeling as described below
The overall objective of any enterprise organization is to Reduce Risk. Now, let us discuss the Framework/Methodology/Phases involved in Threat Modeling.
- Identify the Assets
- Describe the Architecture
- Breakdown the applications if any.
- Identify Threats.
- Categorization of Threats.
- Threat Analysis
- Determining and Diagramming potential attacks.
- Reduction analysis
- Threat prioritization
- Technologies and Process used to Re-mediate threats.
Below mind map list the details and corresponding framework used in the Threat Modeling Phases.