Threat modelling

With a systematic analysis of the probable attacker's profile, the most likely attack vectors, and the assets most desired by an attacker, defenders can focus on what is most important to protect. It's systematic, and like penetration testing, a dance.


Low-hanging fruit

The over-familiar low-hanging fruit, picked, washed and presented in a simplified yet beautifully structured attack.

Featuring the basics of hack to learn, as in …

Anyone can do it!

De-anonymisation

De-anonymisation, also known as re-identification. More and more governments and industries depend on it. Covers the adversaries, possible attack vectors, the attacks, threats, assistive technologies, the possible uses, and, if and where possible, what we can do.

Transparent intentions

E2EE

Most E2EE systems are secure against only the weakest passive adversaries, breakable not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions. Unencrypted metadata and …

Patterns

Vulnerable endpoints

Unsecured endpoints are susceptible to infected applications, Man-in-the-Middle attacks, data exfiltration, leveraging, and more.

Endpoints remain one of the primary attack targets.

Key vulnerable points of entry

Search engines

The least investigated threat model. We must be… increasingly on the alert to prevent “them” from taking over mineshaft space and knocking us out in superior numbers when we emerge! We must not allow …

a mineshaft gap!

Denial of service

A Denial of Service attack aims to exhaust the resources at the disposal of a server, most often the ones linked to the network. The phenomenon has amplified terribly over the last few years.

Daily nemesis

Network attacks

Motivated by greed, industrial espionage, politics, terrorism, racism, and criminal pay-offs, network attacks are launched every hour of every day, and evolve at an astounding pace.

A task that never ends

Access attacks

Understanding how authentication mechanisms work to verify the identity of a user, service, or application, in order to circumvent that particular mechanism, also gives clues for the best defence.

Fraught with openings

With a systematic analysis of the probable attacker's profile, the most likely attack vectors, and the assets most desired by an attacker, defenders can focus on what is most important to protect. It's systematic, and like penetration testing, a dance. Though pigeonholed into these stances, and though many assistive tools exist, the best results come from using all of them, one's own mind, and the perspectives of experienced others.

Adversary-centric

Studying the history and past interactions of adversaries to show what they may take as their next move.

Paranoia without going into protectionism can be healthy

Quick and dirty

Identifying, enumerating, and prioritising potential threats from a hypothetical attacker's point of view to find the low-hanging fruit.

Asset-centric

Using attack trees and attack graphs to visually illustrate the patterns and vulnerabilities by which an asset can be attacked.

Software-centric

Secure software is the result of security-aware software development processes where security is built in. With security in mind …

A process, not a product


  • Last modified: 2020/02/17 17:57