Abstract

Threat modeling or architectural risk analysis (ARA) is a process to find cybersecurity threats in an IT system by analyzing its architecture. Because of the large number of possible threats to consider in such an analysis, it helps to automate it. Automatic application of threat analysis rules gives more consistent results and reduces the dependency on expert knowledge in threat modeling, but asks the threat modeler to annotate the architecture with relevant information. The threat modeler will however still have to know what information to provide. In this disclosure we describe a system that interactively asks the threat modeler to supply such information, based on the analysis rules. This reduces the dependency on expert knowledge even further.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

Hemel, Tim, "Automated Interactive Threat Analysis of IT Architectures", Technical Disclosure Commons, (September 30, 2019)
https://www.tdcommons.org/dpubs_series/2530

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

Automated Interactive Threat Analysis of IT Architectures

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

Automated Interactive Threat Analysis of IT Architectures

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information