Hands-On Threat Modelling

2 Contributors

Introduction
Meet the Presenters
Adam D'Arcy, MSc, BSc
Principal Software Development Engineer
Maya McDevitt, MSc, BE
Software Development Engineer
The Escalating Price of Cybercrime
$15.63 Trillion
Global costs attributed to cybercrime are projected to reach an estimated $10.5 trillion annually by 2025, further escalating to an astounding $15.63 trillion by 2029. These figures underscore the urgent need for proactive defense strategies like threat modeling to protect assets and minimize financial impact.
The Time to Execute Cliff
Launching WBiz
Introducing our cyber range. Last November, we threat modeled WCorp in Chicago and discovered a host of issues. The proprietor of WCorp, Gisler Brady Mangenala, is back with a vengeance with WBiz, his new lightweight AI-powered solution.
And we are back to lead the threat model once again.
WBiz Architecture & Network Topology
The following diagrams illustrate the WBiz system from two complementary perspectives — the application architecture and the underlying network topology. Understanding both is essential for identifying trust boundaries, entry points, and potential attack surfaces during threat modelling.
Application Architecture
This diagram shows the high-level architecture of the WBiz application, including its components and how they interact.
Network Topology
This diagram shows the network layout, infrastructure layers, and how traffic flows between services and external users.
Agenda
01
Introducing Threat Modelling
02
The 5 Questions
  1. What are we building?
  2. What can go wrong?
  3. How bad is it anyway?
  4. What are we going to do about it?
  5. Did we do a good job?
03
Threat Modelling hosting and reporting standards
04
Q & A
What is Threat Modelling?
A structured, repeatable process used to identify, communicate, and understand potential security threats and vulnerabilities within a software application, system, or IT infrastructure.

Thinking about Threats
Requires going beyond standard checklists to actively challenge the security assumptions built into your design.
Discover Threats
Evaluate your system's components, data flows, and trust boundaries for vulnerabilities.
Repeat
An ongoing, continuous practice that must evolve alongside your application and its environment.
Fast, Cheap & Good vs. In Depth
Fast, Cheap & Good
  • Designed to help beginners quickly contextualize threat modeling and start building their own process.
  • Accessible techniques help organisations proactively find and fix security issues.
  • The whole team can be involved in this approach.
Slow and In Depth
  • Essential when system failure would cause extreme consequences.
  • Used to find complex or sophisticated design flaws by challenging security assumptions and modelling "what-if" failure scenarios.
  • Typically performed by a security expert with extensive threat modelling experience.
Where does it live in the SSDLC?

Threat Modelling Manifesto
1. What is it?
Created in 2020 to present leading researchers' collective threat modelling knowledge. It aims to inspire the adoption of threat modelling.
2. Example Resources
The principles of threat modelling, a list of patterns that aid threat modelling and anti-patterns that inhibit it, and many external resources.
3. When to use this Manifesto?
When learning to threat model: it acts as a high-level summary and guiding document to help teams build a strong, principles-based approach to threat modelling.

5 Questions
What Are We Building?
Diagram Creation
Don’t let perfect be the enemy of good enough.

Diagram creation, like threat modelling itself, is an iterative process. The diagram is a tool to aid threat modelling; the goal is to gain an understanding of what you are working on.
Mapping your system
Decomposition is a process of identifying and organising a complex system into smaller components or layers of abstraction.
Possible Techniques
  • C4 architecture
  • Data Flow Diagram
  • Message Sequence Diagram
Focusing on Security
When decomposing an application with a security mindset, the areas you should focus on are:
  • Entry and exit points where an attacker could interface with the system
  • Identifying and prioritising "Assets" to be protected
  • Identifying Trust boundaries in the system
Mapping your system
C4 Diagram
Data Flow Diagram
Message Sequence Diagram
C4 Model
It’s a way to create “maps of your code”, at various levels of detail, in the same way you would use something like Google Maps to zoom in and out of an area you are interested in.

Simon Brown
Touchpoint
Use AI to create a C4 diagram of your choice using the Cyber Range provided.
Data Flow Diagram
What to Define?

Example and Tips
Number Flows and Processes
Makes it easier to refer to them during the threat modelling process.
Keep it clean
Do not allow lines to cross over, as this makes the diagram less clear. Try to keep lines straight.
Tools
Whiteboard applications or a physical whiteboard work well for creating DFDs.
Message Sequence Diagrams



Focusing on Security
Entry and Exit points
Assets
Trust Boundaries
Entry and Exit points
🗝️ Key Question: If an attacker wanted to get in, which door (or window) would they use?
Entry Points
Where data can enter the system. Inputs should be considered untrusted.
  • HTTP requests
  • API Calls
  • User Inputs
  • File Uploads
Exit Points
Where data can leave the system. Outputs should be cleaned to ensure they do not leak data.
  • Logs
  • UI responses
  • Emails
Assets
🗝️ Key Question: If an attacker got in, what would they want to get?
Tangible Data
  • Customer Data
  • Credit card data
  • Government Secrets
Intangible Data
  • User Privacy
  • Customer Trust
  • System Availability
Trust Boundaries
🗝️ Key Question: Where does our control end, where does the "outside" begin?
Ambiguous Definition
Boundaries are logical constructs that separate areas of a system operating under different levels of trust.
While they are intended to denote privilege levels, they are sometimes used to represent physical deployments instead.
Crossing Trust Boundaries
Crossing a boundary introduces risk, which may lead to vulnerabilities. Careful consideration is required whenever data crosses a boundary.
Mitigations: potential mitigations are
  • Validation
  • Authentication
  • Authorisation
  • Blocking the data
What can go wrong?
Unintended Consequences
As we identify potential vulnerabilities, it's vital to consider scenarios where your system might be used in ways you never intended.
Misuse Cases in Your System?
Proactively identify how malicious actors might exploit your system's features.
Who's the Intended User?
Clearly defining your target audience helps predict legitimate usage patterns.
What's the Intended Use?
Document the primary functionalities and expected behaviors of your system.
Unintended User Access?
Consider if unauthorized individuals could gain access or exploit loopholes.
Unintended Usage Scenarios?
Explore how legitimate users might accidentally or intentionally misuse features.
Understanding Threat Identification, Common Attack Trends, and Cyber Kill Chains
To effectively protect our systems, we must first understand the landscape of threats. This section will delve into how to identify potential dangers, recognize current attack methodologies, and utilize frameworks like the Cyber Kill Chain to analyze and counter adversary actions.
Threat Identification
Techniques for uncovering potential vulnerabilities and adversarial capabilities.
Common Attack Trends
Insight into the latest and most prevalent cyber attack strategies.
Cyber Kill Chains
A structured framework for understanding and disrupting the stages of an attack.
Threat Identification
What kinds of threats are there?
Threats to your System
There are many different potential threats to a system, existing across various domains.
Security Threats
Focuses on protecting information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Example: A DDoS attack is a security threat that aims to make a service unavailable.
Resiliency Threats
Concerns the ability of a system to recover from failures and continue operating.
Example: A DDoS attack also impacts resiliency by disrupting service availability.
Privacy Threats
Relates to the protection of personal data and ensuring compliance with privacy regulations.
Example: Data exposure concerns privacy, as it involves unauthorized disclosure of sensitive information.
Threat Modelling Frameworks
To systematically identify and address potential risks, several established frameworks provide structured approaches to threat modeling. We will focus on three key frameworks:
1
STRIDE
A mnemonic that helps identify vulnerabilities and design appropriate security countermeasures by categorizing threats: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
2
LINDDUN
A methodology specifically designed to support privacy threat modeling. It guides you through identifying privacy-relevant data, analyzing data flows, and systematically uncovering privacy concerns related to Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, and Non-compliance.
3
MITRE ATT&CK / ATLAS
These frameworks provide a comprehensive knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK focuses on enterprise and cloud environments, while ATLAS specifically addresses AI/ML systems. They help in understanding attacker behavior, enabling proactive defense and threat intelligence integration.
STRIDE Threat Modeling Framework
STRIDE is a mnemonic used to categorize known threats according to the properties they violate. It provides a systematic way to identify potential threats and helps in designing countermeasures by linking threats to security properties.
Spoofing (Authentication)
Threats where an attacker pretends to be someone or something else to gain unauthorized access or benefits.
Tampering (Integrity)
Threats involving unauthorized modification of data, ensuring information is trustworthy and unaltered.
Repudiation (Non-repudiation)
Threats where a user denies having performed an action without proof to the contrary, challenging accountability.
Information Disclosure (Confidentiality)
Threats involving the exposure of sensitive data to unauthorized individuals.
Denial of Service (Availability)
Threats that make a system or resource unavailable to legitimate users.
Elevation of Privilege (Authorization)
Threats where an attacker gains capabilities beyond what they are authorized for.
LINDDUN Threat Modeling Framework
LINDDUN is a privacy-oriented threat modeling methodology that systematically guides the identification and mitigation of privacy threats throughout the system development lifecycle. It focuses on seven privacy properties to uncover potential privacy risks.
Linkability
The ability to link data items concerning an individual or a group of individuals.
Identifiability
The ability to identify an individual or distinguish them from others based on collected data.
Non-repudiation
The ability to deny actions or data exchanges without being disproven, often due to insufficient audit trails.
Detectability
The ability of an individual or system to detect data collection or processing activities.
Disclosure of Information
The exposure of sensitive or personal data to unauthorized entities.
Unawareness
The lack of knowledge or transparency for individuals about how their data is being used.
Non-compliance
The failure to adhere to legal, regulatory, or policy requirements concerning data privacy.
Common Attack Trends
Understanding common attack trends is crucial for effective threat modeling. The OWASP Top 10 lists provide a regularly updated overview of the most critical security risks to various applications and systems.
OWASP Top 10 Web (2021)
This list details the most prevalent security risks for traditional web applications. It covers vulnerabilities like Injection flaws, Broken Authentication, Cross-Site Scripting (XSS), and Insecure Design, which can lead to data breaches or system compromise.
OWASP Top 10 for LLM Applications (2023)
A critical resource for applications leveraging Large Language Models, this list highlights unique risks such as Prompt Injection, Insecure Output Handling, Training Data Poisoning, and Model Denial of Service, which can manipulate LLMs or expose sensitive data.
OWASP Top 10 for AI Agents (Emerging)
As AI agents become more autonomous, this emerging list addresses threats like Excessive Agency, Overreliance, Malicious Input and Unintended Actions, focusing on vulnerabilities specific to self-executing AI systems that can lead to unintended consequences or ethical issues.
Common Attack Trends: MIT AI Risk Repository
The MIT AI Risk Repository stands as a critical resource, aggregating over 1600 unique risks from 65 existing frameworks and classifications. It provides a structured approach to understanding the complex landscape of AI-related vulnerabilities through its detailed taxonomies.
Comprehensive Risk Database
Captures over 1600 risks extracted from 65 diverse frameworks and classifications of AI risks, offering an unparalleled database for understanding potential vulnerabilities.
Causal Taxonomy of AI Risks
Classifies how, when, and why these risks occur, providing critical insight into their root causes and propagation mechanisms within AI systems.
Domain Taxonomy of AI Risks
Categorizes these risks into 7 overarching domains and 24 specific subdomains, such as "False or misleading information," for granular analysis and targeted mitigation.
MITRE ATT&CK and ATLAS Frameworks
These frameworks provide a comprehensive knowledge base of adversary tactics and techniques based on real-world observations. They are crucial for understanding attacker behavior, enabling proactive defense, and integrating threat intelligence effectively into your security posture.
MITRE ATT&CK
Focuses on adversary tactics and techniques observed in enterprise and cloud environments. It maps out the stages of a cyberattack, from initial access to command and control, providing a detailed understanding of how threats operate.
MITRE ATLAS
Specifically addresses threats to AI/ML systems. ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) helps identify and mitigate unique vulnerabilities and attack vectors present in artificial intelligence and machine learning components.
Cyber Kill Chains
The Cyber Kill Chain is a framework identifying and defining the stages of a cyberattack from reconnaissance to data exfiltration or system destruction. It provides a structured approach to understanding adversary actions, helping organizations predict, detect, and mitigate cyber threats more effectively.
By breaking down the attack into these distinct phases, defenders can identify potential intervention points to disrupt and stop an attack before it achieves its objective, thereby "breaking the chain."
Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs) represent a highly sophisticated and prolonged series of cyberattack campaigns, typically carried out by nation-states or well-funded criminal organizations. Unlike common cyberattacks, APTs focus on maintaining long-term, stealthy access to a target's systems to steal data or disrupt operations, rather than a quick hit.
Persistent Access
APTs are designed for long-term presence within a target network, often for months or even years, ensuring continuous access and data exfiltration without detection.
Stealthy Operations
These attacks employ advanced evasion techniques to bypass security measures and remain undetected, leveraging zero-day exploits, custom malware, and sophisticated obfuscation.
Highly Targeted
APTs specifically target organizations or individuals with high-value information, such as intellectual property, national security data, or critical infrastructure.
Advanced Techniques
Perpetrators are typically highly skilled, utilizing a blend of advanced hacking methods, social engineering, and extensive reconnaissance to achieve their objectives.
Spotlight on Specific APT Groups
Examining prominent Advanced Persistent Threat (APT) groups reveals the diverse tactics and devastating impacts of state-sponsored and highly organized cyber adversaries.
1
Handala [Void Manticore, COBALT MYSTIQUE and Storm-1084/Storm-0842] (Iran)
The Stryker attack wiped more than 200,000 systems and extracted 50 terabytes of data in retaliation for military strikes on Iran.
2
Scattered Spider
A highly adaptive and financially motivated group, known for sophisticated social engineering techniques. They were behind the costly "Vegas attacks" that inflicted over $100 million in damages on hotels and casinos.
3
Lazarus [HIDDEN COBRA] (DPRK)
Linked to the North Korean government, Lazarus is responsible for high-profile global operations, including the Bangladesh National Bank heist, the Sony Pictures Entertainment hack, and the global WannaCry ransomware campaign.
4
Sandworm [APT44] (GRU, Russia)
Identified as a unit of Russian military intelligence (GRU), Sandworm is infamous for destructive attacks like the NotPetya malware, which caused widespread disruption and billions in economic losses, primarily targeting Ukraine.
Touchpoint
Identify vulnerabilities or threats in the Cyber Range provided, with or without the use of AI.
How bad is it anyway?

Risk Management & Validation
Moving beyond threat identification, an effective security strategy requires a robust approach to evaluate dangers, implement countermeasures, and rigorously validate their effectiveness through continuous testing.
Assess Severity & Impact
Determine how dangerous each threat is by evaluating its potential impact and likelihood of occurrence. This step prioritizes risks, guiding where resources should be concentrated for maximum protection.
Develop Remediation Plans
Outline and implement specific actions to mitigate identified threats. This includes deploying security controls, applying patches, revising policies, and enhancing configurations to reduce exposure.
Invariant Adversarial Testing
Design and execute invariant tests that consistently prove the resolution of threats. This continuous adversarial testing validates that vulnerabilities are closed and countermeasures remain effective against evolving attack vectors.
Assessing Threat Severity & Impact
To effectively manage security, threats must be rigorously assessed for their potential impact and likelihood. Various methodologies help quantify these risks, guiding resource allocation and mitigation strategies.
Fast, Cheap & Good: DREAD(-D)
DREAD assigns numerical scores to five factors—Damage Potential, Reproducibility, Exploitability, Affected Users, and Discoverability—to quantify and prioritize security threats. Each factor is rated on a 0-10 scale, and the scores are summed to determine an overall risk score, allowing teams to allocate resources to the most critical threats.
Criticized for its focus on technical aspects and the subjective nature of the "Discoverability" category, which could promote security through obscurity.
In Depth: CVSS
The Common Vulnerability Scoring System (CVSS) is a standardized framework for measuring the severity of security flaws in information systems.
It assigns each vulnerability a score between 0 and 10, with higher scores meaning more severe issues.
Scoring is based on three main factors:
  • Base metrics: Inherent characteristics of the vulnerability.
  • Temporal metrics: How the vulnerability changes over time.
  • Environmental metrics: Vulnerability's impact in a specific environment.
DREAD(-D) Threat Scoring: Practical Application
The DREAD model helps prioritize threats by evaluating five key factors on a scale, typically 0-10, to derive a cumulative risk score. This allows teams to quickly assess and compare different vulnerabilities, making resource allocation more efficient.
Consider a hypothetical SQL Injection vulnerability in a critical customer-facing web application:
DREAD(-D) Threat Scoring: Practical Application
This is our suggested DREAD score.
CVSS Base Score: Practical Application
The Common Vulnerability Scoring System (CVSS) provides a standardised framework to assess vulnerability severity. Focusing on the Base Score metrics, we evaluate the inherent characteristics of a vulnerability, offering a foundational understanding of its technical impact.
Consider a hypothetical SQL Injection vulnerability in a critical customer-facing web application:
CVSS Base Score: Practical Application
This is our suggested CVSS Base Score.
Vulnerability
Touchpoint
Calculate the CVSS score for the vulnerability identified.
CVSS Score
AI Assisted Threat Modelling
Why Use AI?
Manual Tasks
AI has been studied in other sectors with highly manual and complex tasks.
AI in Cybersecurity
Detection Engineering [Anvilogic et al. 2025]
Automated Repetition
AI Excels at automated repetition

Experiment Conducted
Thirty Participants completed a thirty minute threat modelling session on a custom designed test bed.
The participants were split into three independent groups
1. No AI
Traditional threat modeling conducted manually without artificial intelligence assistance.
2. Time Constrained AI
Threat modeling with AI assistance, optimized for speed and efficiency under time limitations.
3. Human in the Loop AI Threat Modelling
Collaborative threat modelling where human expertise guides and refines AI-generated insights.
Mean And Median Score Per Group
Pearson's Correlation Coefficient
What are we going to do about it?
Threat Remediation Strategies
Now that we have identified, described, and scored threats, it's time to act. Threat remediation is the process of addressing identified vulnerabilities to reduce or eliminate risk. While strategies can be tailored, we propose a foundational model to guide your approach:
Remove
Eliminate the threatened component or functionality from your system, for example, uninstalling a vulnerable dependency or feature.
Mitigate
Implement controls or changes to reduce the impact or likelihood of the threat, such as applying patches, configuration hardening, or deploying security features.
Transfer
Shift ownership or responsibility for the threat to another team, entity, or third party, often through formal agreements or shared responsibilities.
Accept
Acknowledge the threat and its potential impact, deeming the risk low enough not to warrant immediate removal or mitigation efforts.
Exception
Grant a temporary or conditional exemption for the threat, typically when no immediate fix is available or the cost of mitigation outweighs the current risk.
Adversarial Testing
Adversarial Testing is a method of evaluating a system with the intent of learning how it behaves under malicious or inadvertently harmful conditions. It simulates real-world attacks to uncover vulnerabilities and measure resilience.
Touchpoint
Define an adversarial test for your threat
Vulnerability
No Rate Limiting (Adversarial Test Cases)
Scenario: Automated login attempts from a single source are throttled
Given an unauthenticated attacker has access to the login endpoint "POST /rest/user/login"
And the attacker is using a specific source IP address
When the attacker sends 50 login requests within a 10-second window
Then the system should allow the initial threshold of requests to pass through
And the system must reject the subsequent requests with an HTTP 429 Too Many Requests status code
And the system should not forward the rejected requests to the authentication database

Scenario: Target user account is protected after repeated failed login attempts
Given a valid user account exists with the email "[email protected]"
And the account is currently unlocked
When an automated script attempts to log in as "[email protected]" using a series of incorrect passwords
Then the system should return an HTTP 401 Unauthorized status code for the first 5 attempts
And on the 6th attempt, the system must either:
  | Mitigating Action | Expected Response |
  | Lock the account temporarily and reject the request | HTTP 423 Locked or Custom 401 |
  | Inject a progressive artificial delay (tarpitting) to the processing time | Response latency > 5000ms |
And a subsequent login attempt using the correct password must be rejected or delayed until the lockout period expires

Scenario: High-frequency failed login attempts trigger an operational security alert
Given the application monitoring system is healthy and active
When an attacker triggers 20 failed login attempts against a single account within 1 minute
Then the application must emit structured log events containing:
  | Required Log Field |
  | target_email |
  | source_ip |
  | failure_reason |
And the downstream monitoring system should aggregate these events and trigger a "Brute Force Attempt" high-severity alert
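The third scenario's monitoring side, as an added example that is not part of the workshop material: a sliding-window aggregation over the structured log events the scenario requires, raising one "Brute Force Attempt" alert per account once the threshold is hit. The JSON line layout and the sample log are constructed here; WBiz's real log format is not on the slides.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

def _make_sample_log():
    """Constructed JSON log lines (not captured from a real system)."""
    base = datetime(2025, 1, 15, 10, 0, 0)
    lines = []
    # 20 failures against one account in 38 seconds from one source (TEST-NET-3 address)
    for i in range(20):
        lines.append(json.dumps({
            "ts": (base + timedelta(seconds=2 * i)).isoformat(),
            "event": "login_failed", "target_email": "victim@example.com",
            "source_ip": "203.0.113.7", "failure_reason": "invalid_password"}))
    # 5 failures against another account spread over 8 minutes: below the 1-minute threshold
    for i in range(5):
        lines.append(json.dumps({
            "ts": (base + timedelta(minutes=2 * i)).isoformat(),
            "event": "login_failed", "target_email": "other@example.com",
            "source_ip": "198.51.100.4", "failure_reason": "invalid_password"}))
    # a successful login and a malformed line, both of which the detector must tolerate
    lines.append(json.dumps({"ts": base.isoformat(), "event": "login_ok",
                             "target_email": "victim@example.com", "source_ip": "203.0.113.7"}))
    lines.append("not json at all")
    return lines

SAMPLE_LOG_LINES = _make_sample_log()
REQUIRED_FIELDS = ("ts", "target_email", "source_ip", "failure_reason")

def detect_brute_force(log_lines, threshold=20, window_seconds=60):
    """Return one high-severity alert per target_email that accumulates `threshold`
    login_failed events inside any `window_seconds` sliding window."""
    window = timedelta(seconds=window_seconds)
    events = []
    for line in log_lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue                       # malformed line: skip, never crash the detector
        if ev.get("event") != "login_failed":
            continue
        if not all(k in ev for k in REQUIRED_FIELDS):
            continue                       # the scenario mandates these fields; ignore partial events
        events.append((datetime.fromisoformat(ev["ts"]), ev))
    events.sort(key=lambda e: e[0])        # logs may arrive out of order

    recent = defaultdict(deque)            # target_email -> (ts, source_ip) within the window
    alerted = set()
    alerts = []
    for ts, ev in events:
        target = ev["target_email"]
        q = recent[target]
        q.append((ts, ev["source_ip"]))
        while q and ts - q[0][0] > window:  # drop attempts that fell out of the window
            q.popleft()
        if len(q) >= threshold and target not in alerted:
            alerted.add(target)            # de-duplicate: one alert per account per burst
            alerts.append({
                "alert": "Brute Force Attempt", "severity": "high",
                "target_email": target, "failed_attempts": len(q),
                "source_ips": sorted({ip for _, ip in q}),
                "window_start": q[0][0].isoformat(), "window_end": ts.isoformat()})
    return alerts

if __name__ == "__main__":
    for a in detect_brute_force(SAMPLE_LOG_LINES):
        print(json.dumps(a))
```

Because the aggregation is keyed on target_email rather than source_ip, the alert still fires when the attempts are spread across many source addresses, which the per-IP throttle in the first scenario would not see.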
Did we do a good job?
Evaluating the effectiveness of your threat modeling process is crucial for maintaining a strong security posture. This involves validating the accuracy of your models, confirming remediation efforts, and ensuring continuous adaptation to an evolving system.
Model Accuracy
Does your model accurately reflect the current reality of your system? Inaccurate models lead to ineffective threat identification. Utilize tools like C4 for precise modeling and iterate on it as changes occur.
Remediation Effectiveness
Confirm that each vulnerability has been appropriately remediated. Track any items requiring follow-up and ensure all relevant parties are alerted to potential issues affecting them.
Risk Documentation
For transferred threats, understand their resolution timelines as they remain a risk. Document accepted threats clearly, explaining the rationale behind their acceptance for transparency and future reference.
Continuous Integration
As your system evolves with new features and code changes, continuously update both your system model and threat model. Integrating this into the Secure Software Development Lifecycle ensures you stay abreast of new threats.
Hosting and Reporting Threat Models
Effective threat modeling doesn't end with identification and remediation. To truly embed security into your development lifecycle, treat your threat models as living, version-controlled assets. Storing them in a standard structured format like JSON or YAML enables a host of benefits, transforming them from static documents into dynamic tools.
Standardized Formats (JSON/YAML)
Using structured data formats ensures consistency across all threat models, making them machine-readable and easily parseable by automated tools. This also simplifies auditing and sharing.
Version Control Integration
Source control (like Git) allows for tracking changes over time, facilitating collaboration among teams, and providing a clear audit trail. This ensures that threat models evolve with your system and maintain historical context.
Automation & CI/CD Integration
Structured threat models can be automatically integrated into your CI/CD pipeline. This enables automated analysis, policy enforcement, and even the generation of security test cases, shifting left in your security efforts.
Enhanced Reporting & Dashboards
Leverage the structured data to generate dynamic reports and dashboards. Visualize risk trends, track remediation progress, and communicate your security posture to stakeholders with up-to-date and quantifiable insights.
Threat Modeling as Code (TMasC)
Threat Modeling as Code (TMasC) operationalizes continuous threat modeling by applying "as code" principles to security. This approach allows teams to define, manage, and evolve threat models using machine-readable formats and version control, fostering seamless collaboration and integration into the development lifecycle.
Machine-Readable Formats
Defining threat models in YAML or JSON enables automated processing, analysis, and integration with other development tools.
Version Control Integration
Managing threat models in systems like Git ensures clear audit trails, facilitates collaboration, and allows models to evolve alongside the codebase.
Continuous Automation
TMasC drives consistency, repeatability, and automation in the threat modeling process, making it a dynamic and integral part of the SSDLC.
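One concrete shape for the policy enforcement described above, as an added example that is not the workshop's or any particular tool's code: a CI gate that loads a JSON threat model and checks every threat against the Remove / Mitigate / Transfer / Accept / Exception model from the remediation section (accepted threats need a documented rationale, transferred and excepted ones a review date, mitigated ones an adversarial test). The JSON layout, field names and DREAD threshold are assumptions for this example, not a standard schema.

```python
import json

REMEDIATION_STRATEGIES = {"remove", "mitigate", "transfer", "accept", "exception"}
STRIDE_CATEGORIES = {"spoofing", "tampering", "repudiation", "information_disclosure",
                     "denial_of_service", "elevation_of_privilege"}

# Constructed threat model in an assumed JSON layout (not a real WBiz model).
THREAT_MODEL_JSON = """
{
  "system": "WBiz",
  "threats": [
    {"id": "T-001", "stride": "spoofing", "dread": 38,
     "description": "Credential stuffing against the login endpoint",
     "remediation": {"strategy": "mitigate",
                     "adversarial_test": "features/no_rate_limiting.feature"}},
    {"id": "T-002", "stride": "information_disclosure", "dread": 40,
     "description": "Verbose stack traces returned to the client",
     "remediation": {"strategy": "accept"}},
    {"id": "T-003", "stride": "denial_of_service", "dread": 22,
     "description": "Unbounded prompt size forwarded to the AI backend",
     "remediation": {"strategy": "transfer", "owner": "platform-team"}}
  ]
}
"""

def validate_threat_model(doc, max_unmitigated_dread=30):
    """Return a list of policy findings; an empty list means the model passes the gate."""
    findings = []
    seen_ids = set()
    for t in doc.get("threats", []):
        tid = t.get("id", "<missing id>")
        if tid in seen_ids:
            findings.append(f"{tid}: duplicate threat id")
        seen_ids.add(tid)
        if t.get("stride") not in STRIDE_CATEGORIES:
            findings.append(f"{tid}: unknown STRIDE category {t.get('stride')!r}")
        rem = t.get("remediation", {})
        strategy = rem.get("strategy")
        if strategy not in REMEDIATION_STRATEGIES:
            findings.append(f"{tid}: unknown remediation strategy {strategy!r}")
            continue
        # Accepted risk must be documented with a rationale (transparency, future reference)
        if strategy == "accept" and not rem.get("rationale"):
            findings.append(f"{tid}: accepted threat has no rationale")
        # Transferred and excepted threats remain a risk; they need a resolution timeline
        if strategy in ("transfer", "exception") and not rem.get("review_by"):
            findings.append(f"{tid}: {strategy} has no review_by date")
        # Mitigations must be backed by an invariant adversarial test
        if strategy == "mitigate" and not rem.get("adversarial_test"):
            findings.append(f"{tid}: mitigation has no adversarial test")
        # High-scoring threats may not simply be accepted or excepted
        if strategy in ("accept", "exception") and t.get("dread", 0) > max_unmitigated_dread:
            findings.append(f"{tid}: DREAD {t['dread']} exceeds {max_unmitigated_dread} "
                            f"and cannot be left as {strategy}")
    return findings

def ci_gate(json_text, max_unmitigated_dread=30):
    """Parse the model text and return (passed, findings) for use as a pipeline step."""
    findings = validate_threat_model(json.loads(json_text), max_unmitigated_dread)
    return (len(findings) == 0, findings)

if __name__ == "__main__":
    passed, findings = ci_gate(THREAT_MODEL_JSON)
    for f in findings:
        print("FAIL", f)
    raise SystemExit(0 if passed else 1)   # non-zero exit fails the pipeline
```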
Benefits of TMasC
The adoption of Threat Modelling as Code brings a multitude of benefits that address the shortcomings of traditional security practices, driving greater efficiency, accuracy, and collaboration.
Scalability
TMasC allows for the rapid creation and analysis of threat models across numerous services and applications, making it highly effective for large, complex environments with evolving architectures.
Consistency
By defining threat models in code, organizations can enforce consistent standards, methodologies, and threat identification practices across all projects, ensuring uniform security postures.
Automation
Manual, repetitive tasks in threat modeling can be automated, from initial threat identification to risk scoring and reporting, freeing up security professionals for more complex and strategic analysis.
Early Detection
Integrating TMasC into CI/CD pipelines means architectural flaws and associated threats can be identified much earlier in the development process, where they are significantly cheaper and easier to fix.
Collaboration
Storing threat models in version control fosters seamless collaboration. Developers, operations, and security teams can review, propose changes, and understand security implications directly within their familiar tooling.
Auditability
Every change to the threat model is versioned, providing a clear audit trail and comprehensive traceability of security decisions and their evolution over time.
Feedback
Please scan the QR code for any feedback you wish to give.
Thank you