Application Threat Modeling Services

In the early stages of the journey toward a secure software development lifecycle (SDLC), threat modeling plays the key role of identifying attack surfaces and entry points, and is often cheaper than in later stages due to minimal remediation costs. To avoid the perception of threat modeling as a delay in the SDLC, Kroll leverages a flexible framework that incorporates advanced tooling with seasoned intelligence. 

What Is Application Threat Modeling?

Application threat modeling is the analysis of an application to identify and mitigate potential design and or implementation weaknesses for the purpose of determining how to best protect it. Application threat modeling enables organizations to identify potential weaknesses in a system and pinpoint design and implementation issues that require mitigation.

At Kroll, we’ve created a framework that enables developers to perform application threat modeling guided by a knowledge base of templates, standards, common vulnerabilities, security controls and process documentation. By using a wide range of tooling, teams are able to achieve broad and reliable coverage of common vulnerabilities and provide verification of threat mitigation.

Application Threat Modeling Program

There are three essential components in an effective application threat modeling program. The Application Threat Modeling Framework provides the structure for each threat modeling process. Each process focuses on a different aspect and approach to application threat modeling. 

• Threat Modeling Framework

  Provides the foundation of the Threat Modeling program. The framework defines and serves as a central resource for:

• Threat modeling core concepts and terminology
• Kroll’s threat modeling approach and processes
• Internal threat modeling knowledge base
• Threat modeling training material
• Internal and external reference materials
• Tools, templates and guides

• Abuse Case and Business Logic Threat Modeling Process

  Focuses the threat modeling effort on identifying threats, weaknesses and vulnerabilities that are unique to the application and cannot be identified using automation. This process brings the required levels of depth in uncovering potential threats within complex business logic scenarios.

• Common Weaknesses & Controls Threat Modeling Process

  Focuses on identifying system weaknesses and the controls to prevent them with the help of automation. The common aspect of this process refers to the core components of systems and the issues that may arise from insecure implementations. The process leverages tooling to help automatically identify common and accepted guidance, good practices and design patterns early in the development lifecycle.

Analyzing threats involves time and effort. Kroll’s approach to defining and implementing application threat modeling programs makes it easy for teams to adopt, see results and implement improvements.

Application Threat Modeling Approach

There is no single best approach to threat modeling. The right approach for your team is the one that works; it has been adopted, is consistently practiced across the organization and results in changes that improve overall security posture.

When it comes to its application threat modeling services, Kroll aims to strike a balance that is accessible, scalable, educational, useful and agile. It’s integrated into two complementary processes supported by a defined methodology, guiding resources, standard operating procedures and tools.

Process 2: Abuse Case and Business Logic

Abuse case and business logic threat modeling focuses on the unique application and system threats resulting from a business logic design. These types of attacks and vulnerabilities are not discoverable by automated solutions, as they lack the context to effectively identify the issue. 

Threat Modeling Part of a Cyber Risk Retainer

Kroll offers a robust but flexible Cyber Risk Retainer that can adapt to your business while providing you with prioritized access to Kroll’s elite digital forensics and incident response team to identify, respond, contain and remediate an incident. The retainer can include  threat modeling services as well as penetration testing, red team and tabletop exercises and even litigation support, regardless of your existing security stack.

Who We Are

Kroll’s solutions deliver a powerful competitive advantage, enabling faster, smarter and more sustainable decisions related to risk, governance and growth.

Serving clients in 140 countries across six continents, and spanning nearly every industry and sector, our proprietary data, technology and insights help our clients stay ahead of today’s complex demands.