Information Assurance Services: Threat Modeling

Building a system worthy of trust depends on the
ability to address the unexpected. Eliminating all
risk in a system simply isn't possible, and attempting
to eliminate risk is frequently behind efforts that
turn out to be both ineffective and expensive. The
approach in computing seems to be to throw some
technology at the problem and hope for the best.
Firewalls, intrusion detection systems, and even
operating systems are used this way over and over.

A better approach is risk management. This
is not a concept new to business -- we see it in many
forms, ranging from insurance to investment
strategies. With a means of understanding threats,
their likelihood and impact (in dollars),
organizations can begin to see where their dollars
will be best spent. That is precisely what
Interhack's Threat Modeling service does.

Our Threat Model does not stop there, though. Add to
that the ability to show how effectively those risks
are being mitigated. Thus, we can show managers
important what-if scenarios, demonstrating
how new technology, new policy, or better enforcement
of policy with existing technology will affect the
risk present in the entire system.

The modeling process is straightforward, and the
result can be used in a wide variety of
situations. Three examples include:
- Information executives can use the Threat Model to
understand how their spending on infrastructure will
impact the risk present in their systems.
- System architects can use the Threat Model to
understand how various policy and configuration
postures will affect the feasibility of attacks
against the system.
- Application developers can use the Threat Model to
understand which threats against their systems are
present and to build in defenses, making
sure that the most common -- the most
important -- threats to their software's
functionality in operation are addressed even before
the software is deployed.

Contact us to see
how we can put the Threat Model to work for you.