A Practical Approach to Threat Modeling

Today’s security management efforts are based on risk management principles.  In other words, security resources are applied to vulnerabilities that pose the greatest risk to the business.  There are several processes for identifying and prioritizing risk.  One of the most effective is threat modeling.           

There has been much written about threat modeling.  But most of the papers and books come at the problem of threat and vulnerability management from an academic perspective.  The papers and articles that do take a business management approach typically cover one or two aspects of the process. 

This paper is a practical, high-level guide to conducting threat modeling activities within a business environment.  It begins by exploring why threat modeling is important.  This is followed by a step-by-step process, including some tools you might find helpful.    

Download the paper     

Download the Risk Calculation Tool   

Author:  Tom Olzak 

Listen to our podcast

add to my PodNova

Leave a Reply

You must be logged in to post a comment.