Improving Web Application Security: Threats and - CGISecurity
Chapter 3: Threat Modeling 65

Table 3.7 shows an example DREAD rating for both threats:

Table 3.7 DREAD rating

| Threat | D | R | E | A | D | Total | Rating |
|---|---|---|---|---|---|---|---|
| Attacker obtains authentication credentials by monitoring the network. | 3 | 3 | 2 | 2 | 2 | 12 | High |
| SQL commands injected into application. | 3 | 3 | 3 | 3 | 2 | 14 | High |

Once you have obtained the risk rating, you update the documented threats and add the discovered rating level, which is High for both of the above threats. Table 3.8 shows an example.

Table 3.8 Threat 1

| Threat Description | Attacker obtains authentication credentials by monitoring the network |
|---|---|
| Threat target | Web application user authentication process |
| Risk rating | High |
| Attack techniques | Use of network monitoring software |
| Countermeasures | Use SSL to provide encrypted channel |

What Comes After Threat Modeling?

The output of the threat modeling process includes documentation of the security aspects of the architecture of your application and a list of rated threats. The threat model helps you orchestrate development team members and focus on the most potent threats.

Important: Threat modeling is an iterative process. The threat model is a document that evolves and that various team members can work from.

The threat model can be used by the following groups of people:

● Designers can use it to make secure design choices about technologies and functionality.
● Developers who write code can use it to mitigate risks.
● Testers can write test cases to test if the application is vulnerable to the threats identified by the analysis.
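The DREAD scoring of Table 3.7 and the threat record of Table 3.8, carried through as a small working example (added here; not code from the book or from Microsoft patterns & practices). It assumes the book's 1 to 3 scale per factor and its High (12–15), Medium (8–11) and Low (5–7) bands, which are stated on the page before this excerpt rather than on it; the SQL injection threat's target, techniques and countermeasures are left empty because this page does not give them.

```python
from dataclasses import dataclass, field

# DREAD scheme of the book's chapter 3. The 1-3 scale and the High/Medium/Low
# bands are stated on the page before this excerpt, so they are an assumption.
FACTORS = ("damage", "reproducibility", "exploitability",
           "affected_users", "discoverability")
RATING_BANDS = (("High", 12, 15), ("Medium", 8, 11), ("Low", 5, 7))

def dread_total(scores):
    """Validate the five factor scores (each 1, 2 or 3) and return their sum."""
    bad = [f for f in FACTORS if scores.get(f) not in (1, 2, 3)]
    if bad:
        raise ValueError(f"missing or out-of-range DREAD scores: {bad}")
    return sum(scores[f] for f in FACTORS)

def dread_rating(total):
    """Map a DREAD total (5..15) onto the High/Medium/Low bands."""
    for name, low, high in RATING_BANDS:
        if low <= total <= high:
            return name
    raise ValueError(f"DREAD total out of range: {total}")

@dataclass
class Threat:
    """A documented threat with the fields of Table 3.8; rating is derived."""
    description: str
    dread: dict
    target: str = ""            # left empty where the page does not state it
    attack_techniques: str = ""
    countermeasures: str = ""
    total: int = field(init=False)
    risk_rating: str = field(init=False)
    def __post_init__(self):
        self.total = dread_total(self.dread)
        self.risk_rating = dread_rating(self.total)

def rank_threats(threats):
    """Order threats most potent first, which is where the team's focus goes."""
    return sorted(threats, key=lambda t: t.total, reverse=True)

# The two threats of Table 3.7; Threat 1's other fields come from Table 3.8.
THREATS = [
    Threat("Attacker obtains authentication credentials by monitoring the network",
           dict(damage=3, reproducibility=3, exploitability=2, affected_users=2, discoverability=2),
           target="Web application user authentication process",
           attack_techniques="Use of network monitoring software",
           countermeasures="Use SSL to provide encrypted channel"),
    Threat("SQL commands injected into application",
           dict(damage=3, reproducibility=3, exploitability=3, affected_users=3, discoverability=2)),
]
```

Scores outside 1 to 3 or a missing factor raise a ValueError rather than silently skewing the total, which is the usual way a DREAD sheet drifts when several people fill it in.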
