Exercising with Threat Models

Archive for October, 2014

Exercising with Threat Models

Posted by

The video of my GrrCon talk is now online. If you want to see the talk in context of my year-long series, please see my post onĀ Story-Driven Security.

 

Exercising with Threat Models @ GrrCon 2014

Everyone advocates for threat modeling. Few actually do it. This session aims to close that gap by demonstrating the #misec Attack Path methodology. First, we will select and analyze a security incident. Using threat modeling, we will break the incident down into the path the attacker followed through the network. Second, we will perform a table top exercise to identify the detective and preventative controls along that path. Using a controls assessment, we can determine our actual defense-in-depth for this particular attack. Finally, we will create a security exercise that tests the controls along the path. The session will conclude with a discussion of using the Attack Path for incident response exercises.