The more I learn about threat modeling, the more I think the toughest part is how we answer the question: “What can go wrong?” Perhaps that’s “finding threats.” Maybe it’s “discovering” or “eliciting” them. Maybe it’s analogizing from threats we know about. I’m not yet even sure what to call it. But what it does…Read More Managed Attribution Threat Modeling
I was not aware that the ITU had formalized swim lane diagrams into Message Sequence Charts. While you don’t need to use these formalizations, the choices they made, and the comparisons to UML’s diagrams can be interesting, especially if there are tricky corners where you’re having trouble modeling some flow. For example, “They work particularly…Read More Message Sequence Charts
Recently, I’ve seen four cybersecurity approaches for medical devices, and we can learn by juxtaposing them. The Principles and Practices for Medical Device Cybersecurity is a process-centered and comprehensive document from the International Medical Device Regulators Forum. It covers pre- and post- market considerations, as well as information sharing and coordinated vuln disclosure. It’s important…Read More Medical Device Security Standards
“Includes No Dirt” is a threat modeling approach by William Dogherty and Patrick Curry of Omada Health, and I’ve been meaning to write about it since it came out. I like that it starts from context — the why this matters: Their goal is to have a single approach to security, privacy, and compliance. Reducing…Read More Includes No Dirt: Healthcare Threat Modeling (Thursday)
The Economist Reflects on Liberalism is the sort of in-depth writing and thinking that makes the magazine so great: “Reinventing Liberalism for the 21st century.” Evading Machine Learning Malware Classifiers, from the winner of the Defcon Machine Learning Static Evasion Competition. The general counsel of the NSA and former general counsel of the FBI have…Read More Interesting finds: Liberalism, machine learning, encryption and learning
I’ve spoken for over a decade against “think like an attacker” and the trap of starting to threat model with a list of attackers. And for my threat modeling book, I cataloged every serious grouping of attackers that I was able to find. And as I was reading “12 Ingenious iOS Screen Time Hacks,” I…Read More Who Are We Kidding with Attacker-Centered Threat Modeling?
The Cybok project has released its v1 “Risk Management & Governance Knowledge Area”; I was a reviewer. Towards Automated Security Design Flaw Detection is an interesting paper from academics in Belgium and Sweden. Steve Lipner offers “Lessons learned through 15 years of SDL at work“ Charles Wilson has perspective on threat modeling devices in “Does…Read More Interesting Reads: Risk, Automation, lessons and more!
Trail of Bits released a threat model for Kubernetes. There’s some context from Aaron Small, who made the project happen. Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC. Ntrepid has released a blog posts on…Read More Quick Threat Model Links October 2019
Podcast with me by OWASP’s Portland, Oregon Chapter in advance of me speaking at their meeting October 9. You can listen here.Read More OWASP Portland: Talk and Podcast
There were widely circulated reports of voice cloning being used in phishing. I’ve been predicting these for a while (Threat modeling in 2018 at Blackhat, 28 minutes in), but Guillaume Ross asked some really good questions about it. A new John Locke manuscript, “The Toleration of Papists” has been discovered and published. (Short analysis in…Read More Interesting reads