Jason,

I differentiate between the two like this:

Threat Analysis looks at specific threats (e.g., msblaster, zotob, latest exploit of <pick your fav sw/os>).

Threat Modeling looks at classes of threats (e.g., network-distributed malware, OS vulnerabilities of Type).

Threat analysis is used as a component to various assessment techniques (vulnerability scanning, code review, etc.). The aggregation of data from multiple threat analyses within a defined class of threat can then be used to develop a model of that threat. Threat modeling can then be used to look at the overall security and resilience of a system, instead of focusing on the minutiae of every individual threat.

Ergo, foci on anti-virus, OS hardening, patch management, etc. Practices developed in response to the modeling of classes of threats, the models for which were developed from analysis of the threats that resulted in their classification.

Or something like that...

cheers,

-ben
---
Benjamin Tomhave, CISSP, NSA-IAM, NSA-IEM
[EMAIL PROTECTED]
Web: http://falcon.secureconsulting.net/
LI: http://www.linkedin.com/profile?viewProfile=&key=1539292
Blog: http://www.secureconsulting.net/
Photos: http://photos.secureconsulting.net/

"We must scrupulously guard the civil rights and civil liberties of all citizens, whatever their background. We must remember that any oppression, any injustice, any hatred is a wedge designed to attack our civilization."
-President Franklin Delano Roosevelt

_____
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Grembi
Sent: Wednesday, February 14, 2007 4:12 PM
To: [email protected]
Subject: [SC-L] differences between Threat Analysis and Threat Modeling

Hi Ken,

I am currently researching the differences between Threat Analysis and Threat Modeling. I thought your readers on the mailing list may give me a clearer distinction.

How I understand it is that both identify security threats, determine risk, and create the right countermeasures by analyzing various types of documentation about the system and looking for vulnerabilities and/or areas of weakness.

Threat Analysis - is a more informal way of 'eyeballing' system architecture and application design.

Threat Modeling [Microsoft SDL] - more formal, every requirement is modeled and scrutinized.

Any additional help you or your readers can provide would be appreciated.

Thanks

Jason Grembi
Web Developer
_______________________________________________
Secure Coding mailing list (SC-L) [email protected]
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
