One of the recent notable elements of the National Institute of Standards and Technology Minimum recommended criteria for verification by code vendors or developers Is the excellence given to threat modeling, for software validation, along with more traditional (but still important) methods such as automated testing, code-based analysis, dynamic analysis, checking and modifying included software. Ranked # 1 in NIST’s 6 Recommended Technology Classes. bug.
NIST recommends that threat modeling be performed “multiple times during development, especially when developing new features, to capture new threats and improve modeling.”
This is a welcome addition to the US Government recommendations and is in line with growing awareness that threat modeling is an important software security practice.This can also be seen from the Food and Drug Administration Pre-marketing cybersecurity guidance A series of threat modeling boot camps.
This inclusion is important because NIST recommendations are designed to be adopted in the government procurement process. That is, threat modeling will soon be written to the procurement question for organizations that sell to the federal government. NIST does not have the authority to directly mandate this standard.
As government suppliers begin to implement NIST recommendations, they will have a trickle-down effect across the market, affecting the software industry as a whole. Software developers adopt recommended security practices to stay competitive and avoid barriers to future federal supply.
This is the moment a visionary organization begins to put it into practice, as NIST is pushing threat modeling to the fore. It not only helps them anticipate games, win new contracts and meet compliance, but also has a substantial and positive impact on software security, allowing organizations to get more value, efficiency, and more from their development teams. And help bring out collaboration.
What is Threat Modeling?
The first place an organization starts is to understand what NIST means through threat modeling. NS Threat modeling manifestA consensus document by 15 experts, defines “analyzing the representation of the system to highlight security and privacy concerns.”
Simply put, threat modeling allows organizations to visualize and identify potential software threats, even before the lines of code are written. This allows developers and security teams to avoid design mistakes and communicate design, development, testing, and operational decisions.
Good threat modeling always focuses on answering four questions.
- What are we working on?
- What could go wrong?
- What are we going to do about it?
- Did we do enough work?
Considering these factors from the beginning has many benefits. This is what we call “starting from the left side of software security” and is the progression of the left shift movement that has dominated software security for years. You can find defects and vulnerabilities that cannot be found by other methods. Save time and money by finding and addressing potential threats early. This means that developers do not have to redesign their software to fix vulnerabilities as their product rolls closer.
It also means that delivery will be more predictable by avoiding surprises from penetration testers. You can also plan both development and testing by helping your team understand what is being built and how to protect it.
One of the biggest benefits of threat modeling is that it provides a security language for engineers who want to build secure applications, so it’s actually cultural rather than technical. Every engineer wants to ship high quality code, but they don’t always know how to do it and they always need to ship faster.
Security is the responsibility if the developer is provided with the tools and training to ensure that the code is purposeful security from the beginning and the security team is committed to helping measure and analyze the work. You will get healthy results that will be treated. engineer. This approach requires threat modeling tools that people across the company can understand, such as a four-question framework.
Threat modeling as a starting point
However, the most important immediate benefit of implementing threat modeling is identifying threats that can occur throughout the design process so that appropriate action can be taken. This is probably why it tops the list of NIST recommendations. When threat modeling is done first, it informs and informs all subsequent security activities. The ultimate goal of the recommended minimum standards is, after all, to ensure that the software used within the federal government is robust.
The good news for organizations is that threat modeling can generate rapid wins and expansions across the organization, especially after the fundamentals are in place, especially if the organization is taking full advantage of the breakthroughs in automation. .. The developers are already very busy and the AppSec team (even if they exist) is growing. Therefore, organizations will be better off automating what they can automate through threat libraries and intelligence from other threat models that can be shared between development teams.
NIST is in the limelight for threat modeling
https://www.darkreading.com/threat-intelligence/nist-brings-threat-modeling-into-the-spotlight NIST is in the limelight for threat modeling