Threat Model Maturity


Description of session

The session objective was to discuss and answer the questions below.

1. How do we measure the maturity of a threat model?
   - Data is stored and linkable (higher maturity)
   - Formalisation (higher maturity)
   - Process integration
   - How is the model created? Different levels of maturity
   - Repeatability of the process
   - Level of TM depth + classification of systems
   - Re-usable components
   - Maturity / knowledge / experience of the threat modeler and the audience
   - How much does the TM relate to the actual application (quality degradation over time) / synced versioning
   - Relation / causation between requirements and the resulting TM

2. How do we measure the maturity of the threat model process?
   - Level 0: ad hoc threat model(s), free form
   - Level 1: implement a threat model methodology and:
     - Classification of systems and levels of TM depth
     - Accurate documentation that reflects reality
     - Ownership is within the security/architecture team?
   - Level 2: threat model process is integrated in the SDLC / repeatability / formalisation / digitisation + linkability / libraries (e.g., attack) / feedback cycle on threat intel (e.g., library vulns.)

3. Can maturity frameworks be updated with our measurements?
   - Yes: SAMM. Talk about the process, not the maturity of the TM itself.
