Threat modeling is a systematic methodology that identifies, classifies, prioritizes, and rates enterprise threats based on a thorough analysis of your organization’s architecture. Identifying and rating threats allows you to recognize the threats that present the greatest risk to your organization and prioritize their remediation with solid countermeasures.
Threat modeling helps implement a structured approach to security business impact. It is a continuing process that starts during the early phases of the design of a layered defense and continues throughout the security life cycle. Persistent threat modeling enables your organization to get answers and recommendations rapidly and scale your response and investigation efforts.
Mobile Security Threat Modeling
IOActive’s mobile security threat modeling service helps IT organizations design the next generation of their mobile support and mobile security infrastructure. IOActive consultants thoroughly review the threats facing your company, such as those presented by Bring Your Own Device (BYOD). We evaluate your current mobile support capabilities and policies, articulate new strategies for mobile device and application support, and provide the actionable blueprint you need to begin implementation.
Our threat modeling practice is designed to help IT organizations determine the most efficient and cost-effective path to support BYOD, while protecting your networks and data from unauthorized access. IOActive is also keenly aware of the risks associated with the Internet-of-Things (IoT). We work closely with consumer manufacturers as they come to market with new devices, giving us insight into the risks these devices could present to your organization.
ICS Threat Modeling
IOActive understands that the value of ICS threat modeling does not lie in a complex methodology process or statement, but rather in its ability to put risk management and risk assessment practices in place in your organization’s ICS environment. We work with you to identify the parts of your ICS environment that require the most attention as well as the components where an investment in security would yield the most favorable results.
IOActive begins by identifying the components of your ICS environment that are relevant to the threat model. We also attempt to identify any countermeasures that you already have in place in order to gain a general understanding of your current level of security awareness.
In a separate stream, we focus on identifying threats and threat actors. Threats are those actions that can affect the system, while threat actors include individuals or groups with the motivation to leverage those threats in order to meet their objectives. Differentiating these elements makes it possible to prioritize threats when it comes to remediation.
Based on the information gathered, IOActive formally documents the threat model. We often approach this process in an iterative fashion depending on the environment, maturity, and complexity of the system being modeled. Our goal is to document a threat model that you can use for threat mitigation or as an additional input to your existing ICS risk management processes.
DDoS Threat Modeling Mitigation Services
IOActive’s DDoS threat modeling mitigation service helps protect your organization’s infrastructure. IOActive starts by assessing the current ability of your firm to rebuff a DDoS attack. We identify the assets that your firm needs to protect and the controls and capabilities around such assets, including processes, people, and technology. We also identify the relevant threat communities along with their capabilities and motivations. We detail the types of attacks your firm should be aware of and prepared for, including volume, application-specific, content-specific, layer 7, and DNS. All of this information serves as a reference for building a focused and effective security strategy.
IOActive works with you to identify the capabilities and infrastructure you need. We consider content-handling components and include them when planning the capacity required to handle DDoS attacks. Specifically, we focus on all encryption (SSL) and content inspection capabilities, such as IDS, IPS, WAF, and LB.
IOActive provides your organization with a detailed security strategy for handling DDoS attacks, including all of the derived capabilities you need, specifically SSL termination and encryption issues. In addition, we develop a gap analysis of your firm’s current state and provide specific recommendations for how you can achieve the capabilities detailed in our security strategy.