Threat Model Maturity
Description of session
The session objective was to discuss and answer the questions below.
1. How do we measure the maturity of a threat model?
   - Data is stored and linkable (higher maturity)
   - Formalisation (higher maturity)
   - Process integration: how is the model created? Different levels of maturity
   - Repeatability of the process
   - Level of TM depth plus classification of systems
   - Re-usable components
   - Maturity, knowledge and experience of the threat modeler and the audience
   - How closely the TM reflects the actual application (quality degrades over time); synced versioning
   - Relation / causation between requirements and the resulting TM

2. How do we measure the maturity of the threat model process?
   - Level 0: ad hoc threat model(s), free form
   - Level 1: implement a threat model methodology, and:
     - Classification of systems and levels of TM depth
     - Accurate documentation that reflects reality
     - Ownership is within the security/architecture team?
   - Level 2: threat model process is integrated in the SDLC; repeatability; formalisation; digitisation plus linkability; libraries (e.g., attack libraries); feedback cycle on threat intel (e.g., library vulnerabilities)

3. Can maturity frameworks be updated with our measurements?
   - Yes: SAMM. Talk about the process, not the maturity of the TM itself.