Resources Related to Threat Modeling: Designing for Security

cute graphic

This page contains some resources to help you threat model. If you're looking for a very quick intro, see Threat Modeling: What, Why, and How? There's also a set of threat modeling posts on Adam Shostack and Friends.

Getting Started

Adam has a few short essays that are designed to stand on their own as people get started. They include: Threat Modeling: What, Why, and How? You can also read Rolling Out a Threat Modeling Program. Both were originally for MISTI.com. and Security Engineering, the Who, What, Why and How at ISACA. A group of us have written a threat modeling manifesto.

As your threat modeling journey continues, Shostack & Associates has a whitepaper, The Jenga View of Threat Modeling, which breaks out the building blocks of threat modeling in new ways.

Consulting and Training

Organizations that need to deliver more secure products or services are hiring Shostack and Associates to deliver training and help in threat modeling and secure development lifecycles (SDL). Onsite, hands-on training customized to your needs is an outstanding way to jump-start a program. If you're interested please see Threat Modeling Help From Shostack & Associates.

When planning training, we used to ask "are there lots of whiteboards?" Now, we ask "are the walls completely covered in whiteboards?" If not, we ship rolls of static cling whiteboards, and people always want to know how to get more.

Elevation of Privilege (the game)

The Elevation of Privilege (EoP) Threat Modeling Card Game is the easy way to get started threat modeling. The easiest way is to buy a copy from Agile Stationery (direct, or via Amazon). They've also created a lovely landing page with more information. You can also download the Creative Commons licensed files from Github or Microsoft. Elevation of Privilige is part of a growing movement of security games. There are a growing number of derivative works, including:

There's also an ever-growing body of translations and plaftform implementations:

There's also a BoardGameGeek description of Elevation of Privilege, and a number of videos showing how to play, including this one by Sunny Wear.

cute graphic

Stencils and Whiteboards

My partners at Agile Stationery have created sketchbooks and stencils to help threat model. They're hard at work on being a one stop shop, and their page is at https://agilestationery.com/pages/threat-modeling-tools.

Videos

Threat Modeling Lessons from Star Wars
Threat Modeling Lessons from Star Wars. This talk captures some of the ways in which threat modeling goes wrong, ranging from "think like an attacker" to what happens if you threat model when your system is being attacked by stub fighters. There's a set of videos of Adam as a Youtube playlist. (Previously, this site linked to the BruCon 0x06 version, which you can still find here.)


Linkedin Learning Classes
Adam is doing training via Linkedin Learning:

The course Threat Modeling for Security Professionals is available, as are in depth courses on spoofing, tampering, repudiation and information disclosure. Adam's Linkedin Learning Instructor page is here.

Sample Chapters

Professor/Instructor Resources

Wiley maintains a instructor companion site for threat modeling including a one hour presentation, and a syllabus and presentations for a 13 week course, a set of quizzes, and other material to help you effectively teach threat modeling. You can also request online access for evaluation.

Errata

Errata last updated: June 25, 2018