Questions tagged [threat-modeling]
The process of describing possible threats and analyzing their possible effect on target systems.
139 questions
0 votes | 0 answers | 43 views
Creating custom threats with Microsoft Threat Modeling Tool?
I am exploring the Microsoft Threat Modeling Tool (7.3.31026.3). It is fascinating how it suggests all possible STRIDE threats in the "analysis view", after you built your data flow diagram ...
1 vote | 0 answers | 91 views
How to use one of Microsoft's new computers without leaking information?
Let's say I am interested in using one of Microsoft's new computers but I have concerns over the massive amount of data, personal behavior, and whatnot being consumed by the machine. Microsoft claims ...
1 vote | 1 answer | 119 views
Why does IPsec have "partial" replay protection? If we drop all packets outside the moving window, then where is the threat?
IPsec is said to have "partial" replay protection because if a packet arrives outside the window, we can't track it, so we have to make a choice: do we risk and accept it, or do we drop it?
...
2 votes | 1 answer | 553 views
Is it secure to send JWT tokens in url query parameters if we use nonce to make it a one time token?
Websockets don't support sending auth tokens during websocket handshake as part of HTTP headers, rather only via query parameters. This has a security risk of leaking these tokens in server logs. ...
0 votes | 1 answer | 144 views
Is there a foundational threat model for families/domestic users?
I am aware through hearsay of the threats exposed by certain digital assets. For example, not only should a password be kept secret, but it should not be re-used. Having the scenario unpacked for me, ...
0 votes | 2 answers | 362 views
As a security engineer would you be okay recommending macapps.link?
I really like macapps.link as it helps me to quickly install a bunch of software after a fresh install. However, it doesn't have the transparency that Windows alternatives such as ninite or winget have.
1 vote | 0 answers | 106 views
File System with SGX assistance threat model
I am studying some published papers that demonstrate how a secure file system can be implemented with the assistance of Intel SGX.
However, in each one of these papers, the threat model is not ...
1 vote | 1 answer | 126 views
Static malware analysis using machine learning
As you know, using machine learning we can detect malware.
We can use dynamic analysis based on WinAPI function calls and their arguments.
But what about static analysis using machine learning? In ...
1 vote | 1 answer | 238 views
Why does threat model STRIDE only have six threat categories?
I know STRIDE (from Microsoft) stands for Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege.
How did Loren Kohnfelder and Prakrit Garg deduce ...
1 vote | 0 answers | 436 views
What would be the security rationale for a hotel blocking only SSH traffic? [closed]
I recently stayed at a hotel where outbound SSH traffic (and seemingly only SSH traffic) was blocked on the guest WiFi network, and I'm trying to figure out what security-based rationale they might ...
3 votes | 3 answers | 880 views
What are the security implications of using an old computer with no more BIOS updates?
What are potential security implications of using older unsupported motherboards/laptops that do not get BIOS (UEFI) updates anymore, but run an up to date GNU/Linux distribution?
Do measures like ...
1 vote | 1 answer | 124 views
Static react native app security issues
I am creating a react native mobile application using Expo. This app simply renders information - there is no data collection or entry, no user accounts, no database (other than JSON storage). There ...
0 votes | 0 answers | 152 views
Are lateral movement and horizontal privilege escalation the same thing?
Are lateral movement and horizontal privilege escalation the same thing? What would be the key difference between these two?
16 votes | 5 answers | 6k views
Where does the root of trust actually lie?
We are told that the roots of trust in the PKI are the handful of
Certificate Authorities that issue root certificates and sign other certificates and ensure at least some extent of trust to be ...
1 vote | 1 answer | 295 views
Do we need threat modelling after following ASVS standard?
We are planning to lay out guidelines in our organisation for everyone to follow a secure software development lifecycle. As part of this, we plan to adopt the security knowledge framework (SKF) that ...
0 votes | 1 answer | 155 views
How to use pre-existing threat catalogue to determine if a certain system is vulnerable?
There are many risk assessment guidelines such as NIST 800-30 and ISO 27005 that provide a catalogue of known threats as reference. Using a qualitative approach, I selected one threat events catalogue and ...
1 vote | 1 answer | 286 views
How to correctly classify threats related to Tampering in STRIDE
I'm trying to apply STRIDE to secure my architecture.
┌──────────┐   ┌──────────┐
│ node ├────────signals───────► hub │
│ │ ...
0 votes | 1 answer | 212 views
What's the threat model of mobile security? [closed]
When reading about mobile security, the attacker is often assumed to have root access to the device, so as to patch the application or proxy all network traffic.
I see that such applications may have ...
0 votes | 1 answer | 183 views
What threats are mitigated by encrypted VPC connections?
We are running a virtual private cloud, in other words a vendor-hosted intranet. (In this case the vendor is AWS, but it could be Azure, Digital Ocean...) The intranet does not have public-facing ...
4 votes | 1 answer | 1k views
How bad is it to store credentials in clear text on disk and in memory?
Yeah, it depends. A good answer would provide some reflections on this. I have two concrete scenarios in mind, in two concrete (and I believe common) contexts. Context 1. At home, you’re the only one ...
4 votes | 2 answers | 873 views
Actors and processes in threat models
I want to create a threat model to guide a security-oriented review on a project. I found the OWASP Threat Dragon and would like to do it in that, but from the documentation and example I am unsure ...
1 vote | 1 answer | 248 views
Are hosted bare-metal servers more secure than VPS against unauthorized disclosure?
Our small company needs to store sensitive data in the cloud. We are debating VPS's or rented bare-metal servers due to cost. Our threat model includes malicious sysadmins working at the hosting ...
1 vote | 1 answer | 702 views
What is difference & link between threat modelling and vulnerability assessment?
My understanding is that threat modelling is used at the design stage to identify the possible threats, prioritize them and help in identifying security requirements/security controls. Vulnerability ...
1 vote | 0 answers | 197 views
Threat Modeling and Risk Assessment Effort Estimation [closed]
Is there any way to have a good effort/time estimation of a Threat Modeling and Risk Assessment activity for an internal infrastructure (about 30 active nodes)?
In general, is it possible to find a &...
2 votes | 1 answer | 2k views
What is the difference between ATT&CK and CAPEC?
My question is on Cyber Threat Intelligence (CTI). I want to know the difference between Attack Patterns (as in MITRE CAPEC) and Tactics, Techniques and Procedures (as in MITRE ATT&CK). They both ...
2 votes | 1 answer | 357 views
Password salting vs. length extension attacks
I read that when salting passwords, it is advised to use a h(pwd||salt) construction instead of h(salt||pwd), the latter being vulnerable to a length extension attack.
What are possible scenarios in ...
3 votes | 0 answers | 316 views
Threat / Adversary / Trust / Security model, what is the difference?
In order to design and develop a secure system it is important to formulate a threat/adversary/trust/security model for the corresponding system to be able to evaluate the proposed system and help ...
0 votes | 1 answer | 256 views
Are security controls themselves considered assets (e.g., cryptographic keys)
Looking at a plain system (there are no security controls implemented yet), we need to think about its functions and derive appropriate assets which we'd like to protect in order to ensure the system ...
1 vote | 1 answer | 7k views
What is the difference between "local" and "Adjacent" threat agents?
I am using CVSS to do the vulnerability assessment for my project.
As per documentation here is the definition of local and adjacent
Adjacent (A) The vulnerable component is bound to the network ...
5 votes | 1 answer | 852 views
What questions are useful to scope a mobile app pen test?
When arranging a pen test it's common practice to ask the client a set of questions, and use the answers either as the basis for further discussions, or to directly provide a test plan and quotation.
...
2 votes | 1 answer | 789 views
What is the purpose of anti-rollback protection in IoT devices?
The OWASP IoT top 10 and the ASVS appendix C warn to protect against firmware rollbacks:
C.22 - Verify that the device cannot be downgraded to old versions (anti-rollback) of valid firmware.
What is ...
0 votes | 1 answer | 167 views
IT security audit: is threat modelling key to reproducible success, or just following a methodology (e.g. ethical hacking)?
To sum up the methodology of ethical hacking, what you do is:
Information gathering (gets the IP, domains, etc...)
Fingerprint the IP (what OS, what services are running, etc...)
Vulnerability ...
1 vote | 1 answer | 197 views
Threat modeling for visitor access control
I am trying to understand threat modeling but it seems too elastic, from restrictive requirements to general requirements.
Now I am trying to understand it with some realistic examples. The first ...
62 votes | 4 answers | 7k views
What is a threat model, and how do I make one?
I asked a question on what I need to do to make my application secure, when somebody told me:
That depends on your threat model.
What is a threat model? How do I make a threat model for my ...
0 votes | 1 answer | 258 views
Household attack vectors and mitigations [closed]
Hopefully this question won't come across too closely to a which product is best as that is not my intention.
I am moving into a larger property and I would like to set up some home security now I'm ...
20 votes | 7 answers | 2k views
Could you anonymously upload a file on the internet if the threat model was the entire world trying to find your identity after you do so? [closed]
Thought experiment: You need to upload a file, and the threat model is the entire world trying to find out who you are after you do so.
I know this is absurd, but bear with me, it's a thought ...
1 vote | 1 answer | 281 views
Malware Threat Hunting in Airport Systems - KPIs/Metrics to Track [closed]
I am trying to figure out how to detect potential threats from malware in various systems installed in the airport.
To be specific, my focus is on the following systems in airports:
Baggage ...
1 vote | 0 answers | 214 views
Threat modelling workshop materials focusing on threat actor profiles [closed]
A while back I went to a threat modelling workshop that had a card deck with various actors, their motivations, and their methods.
I found this extremely helpful to frame the discussion around the ...
49 votes | 5 answers | 6k views
Should the average user with no special access rights be worried about SMS-based 2FA being theoretically interceptable?
Security experts are constantly discouraging users from using SMS-based 2FA systems, usually because of worries the auth code could be intercepted by an attacker, either through a SIM swap or a MitM ...
0 votes | 2 answers | 172 views
Password reuse for similar accounts
Assume I have two Github accounts, one for regular use and one for testing purposes. Or two PGP keys, one for pass and the other for encrypted email communication, and my backup scheme is exactly the ...
1 vote | 1 answer | 269 views
Authorization over Internet without storing user details
We have a requirement where we are creating a user generation page over the internet for various vendors.
This was earlier done by our operations team on intranet. For each vendor to create a unique ID ...
1 vote | 1 answer | 478 views
Is the zero trust approach really so safe? [closed]
Recently, I see so many emerging vendors that are advertising their use of zero-trust. What potential risks are we exposed to if we shift to zero-trust in our bank?
2 votes | 2 answers | 196 views
Security controls around data in motion?
I am an Information Security Analyst, trying to understand the difference between data in transit and data in motion. I found the listed below definitions:
Data In Transit is defined as data moving ...
1 vote | 2 answers | 208 views
How to create non-generic security requirements for an idea phase?
Our manager often asks us for a quick understanding of what the risks will be based on some idea that the department has been working on during the ideation phase (the business requirements are ...
2 votes | 1 answer | 170 views
How big is the man in the middle threat from outside the network when communicating on an intranet?
I know that certificates and signatures are really important for preventing Man-in-the-middle attacks, among other things.
I am not concerned about a third party reading the transmission, only ...
2 votes | 1 answer | 210 views
What are some attacks to consider in a cloud deployment? [duplicate]
I want to discuss the following scenario:
I use a cloud provider like Amazon where every instance of the OS is a VM. The hypervisor launches the VMs as needed. So let's assume there are two VMs ...
-1 votes | 2 answers | 161 views
Verify my scenario of Internet infrastructure security [closed]
I have read a bit about Internet infrastructure recently.
I have figured out how IT crimes are easy to cover up and a quite confident way to perform any attack without traces. I got surprised that is ...
1 vote | 2 answers | 251 views
When are you done decomposing threats?
Our development teams are getting the hang of STRIDE threat discovery, but one issue that remains is related to threat decomposition.
The way we see threat analysis is that it consists of identifying ...
125 votes | 8 answers | 28k views
Why is storing passwords in version control a bad idea?
My friend just asked me: "why is it actually that bad to put various passwords directly in program's source code, when we only store it in our private Git server?"
I gave him an answer that ...
1 vote | 1 answer | 321 views
Are unbranded home security cameras secure? [closed]
I plan on buying a couple of cheap cameras for my home. I plan to put them just inside the doors like the laundry door, I won't be putting them in the bedroom or living room.
My major concern is how ...