Application Security Threat Modeling

Verification begins with an effort to quickly understand the threat agents, architectural components, trust boundaries, critical business assets, and connections of an application and its environment. This helps prioritize the most important areas to focus on during the verification. Threat modeling techniques are used to capture this information and create a prioritized plan for the verification effort.

The initial threat model is established during the verification kickoff call with the client and is based on available documentation and conversations with representatives from the business, security, architecture, and development teams. As the verification proceeds and the Aspect team performs testing and code review, the threat model is updated and refined as needed.

This practical threat modeling helps drive the depth of the verification and helps gauge the technical and business impact of any risks discovered during the verification. The threat modeling step of the Aspect Hybrid verification process helps steer the verification effort and facilitates practical risk analysis.

Aspect informally develops a threat model for every application we review to assist with our verification efforts. Aspect also provides formal application security threat modeling for its clients. We can develop threat models for your critical applications or teach your staff how to develop them. As part of any educational effort related to threat modeling, Aspect provides standard templates and best practices for developing threat models based on common application security architectures, so you aren't developing your threat models from scratch.

Questions?

If you'd like to learn more about the benefits of threat modeling as part of Aspect's hybrid approach for application security verification services, please let us know.
