We’re all living in this new world where we’re working from home. The question we pose is, 'How will we make progress on rolling out threat modeling when we can’t meet with people face to face and work directly on a whiteboard?'
It's time to embrace our not-so-new remote/hybrid workforce and limit disruptions to our development lifecycles.
In this article, we will give you three ways to empower your workforce to effectively create a threat model from anywhere.
Remote Threat Modeling Tip #1: Choose Your Tool/Approach
Successful remote threat modeling begins by choosing the right tool and approach and keeping collaboration top of mind. Make sure everybody has similar tools.
When choosing a tool, you have two options:
- Drawing Tools
- Threat Modeling Tools
Threat Modeling Drawing Tools
A drawing tool allows you to create diagrams and get consensus around what you’re working on and where the trust boundaries are. You’ll consider how your application is assembled and what its components are, and manage your threat modeling work. You can use the drawing tool to help with the analysis of what can go wrong, but you’ll want to use a separate approach to track your threats, as the drawing tool does not do this natively.
A great example of a remotely collaborative drawing tool is Miro.
Note: None of us have any vested interest in Miro’s success other than we’re threat modeling people, and we want to figure out how to do this better remotely.
One advantage of Miro is its remote collaboration capabilities. We were able to build out a threat model quickly (based on a pre-created template) and work together on it from three different locations. The collaborative features allowed us to see what the others were working on in real-time.
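One way to handle the separate threat tracking mentioned above is a small register kept next to the diagram and checked against it after each session. This is an added example, not part of the original article or of any tool it names; the element names, trust zones and threat entries are constructed, and the functions are hypothetical helpers.

```python
from dataclasses import dataclass

@dataclass
class Threat:
    flow: tuple             # (source, destination) as drawn on the diagram
    what_can_go_wrong: str
    mitigation: str = ""    # stays empty until the team agrees on one

def crossing_flows(zones, flows):
    """Flows whose two endpoints sit in different trust zones."""
    for flow in flows:
        for name in flow:
            if name not in zones:
                raise ValueError(f"flow uses an element missing from the diagram: {name}")
    return [(s, d) for s, d in flows if zones[s] != zones[d]]

def coverage_gaps(zones, flows, register):
    """Boundary-crossing flows with no threat recorded against them."""
    covered = {t.flow for t in register}
    return [f for f in crossing_flows(zones, flows) if f not in covered]

def stale_threats(flows, register):
    """Threats that point at a flow no longer present on the diagram."""
    return [t for t in register if t.flow not in flows]

def unmitigated(register):
    """Threats that still have no agreed mitigation."""
    return [t for t in register if not t.mitigation.strip()]

# Constructed sample: a diagram transcribed by hand from the shared board.
ZONES = {"browser": "internet", "web_app": "dmz", "worker": "internal",
         "orders_db": "internal", "payment_api": "third_party"}
FLOWS = [("browser", "web_app"), ("web_app", "orders_db"),
         ("web_app", "payment_api"), ("worker", "orders_db")]
REGISTER = [
    Threat(("browser", "web_app"), "Session cookie stolen and replayed",
           "Secure, HttpOnly cookies; short session lifetime"),
    Threat(("web_app", "orders_db"), "Injected SQL reads other customers' orders"),
    Threat(("web_app", "cache"), "Entry left over from a removed component"),
]

if __name__ == "__main__":
    print("No threat recorded for:", coverage_gaps(ZONES, FLOWS, REGISTER))
    print("Not on the diagram any more:", [t.flow for t in stale_threats(FLOWS, REGISTER)])
    print("Still unmitigated:", [t.what_can_go_wrong for t in unmitigated(REGISTER)])
```

Running the checks at the end of a remote session gives the group a short list of boundary crossings nobody has discussed yet and of entries that have drifted from the diagram.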
Threat Modeling Tools
In the OWASP world, we have OWASP Threat Dragon, about to release version 1.1. It’s free and open source. We’ve written about OWASP Threat Dragon in the past, “Why OWASP’s Threat Dragon will change the game on threat modeling.”
The challenge with the current version of Threat Dragon is scale. There are a series of Enterprise features that Threat Dragon will need to be effective at the Enterprise level. Adam was at Microsoft, and Chris was at Cisco, and both acknowledged that the tool is something to keep an eye on or do a small proof of concept with but needs more work for the Ente
Continuum’s IriusRisk is a Threat Modeling platform that uses a data flow diagram and questionnaires and is oriented toward an enterprise and working across many separate threat models. This tool is worth a review if you are considering how to scale threat modeling remotely.
Remote Threat Modeling Tip #2 - Be Collaboratively Deliberate
Many tools exist for remote collaboration today, from Zoom, WebEx, and BlueJeans to Google Hangouts. The technology is there, but the bigger question is how we put this technology into use to facilitate threat modeling.
Focus on using technology in a way that avoids friction. Tools should naturally allow collaboration inside the solution; otherwise, use video screen-sharing tools that let many people see one screen, or multiple screens, at the same time.
When teaching threat modeling, some hate the idea of video-based sharing. The benefit of employing full video with remote threat modeling is the ability to read the room and determine how people are engaged. If someone appears to be distracted, video allows you to invite them back into the conversation, not by embarrassing them, but by asking a question to get them to re-engage in the threat modeling process.
Our advice is to enable video and focus on deliberate collaboration in your remote threat modeling sessions.
Remote Threat Modeling Tip #3 - Set Up Your Tool/Approach in Advance of Your Remote Threat Model Session
One lesson learned is to ensure you properly prepare for your remote threat modeling session. We found in using Miro that we had to sign up for accounts and share a Board to collaborate as a group. If you are approaching remote threat modeling with your team, create a set of instructions on what developers need to do in advance of the session.
Another setup step is to create your data flow diagram template before the start of your first session. It will be a terrible experience for your threat modeling student to sit quietly for the first ten minutes of the meeting while you create the template and try to verbalize and draw at the same time. Build the template in advance as preparation for a successful teaching session.
We are all living in strange times right now, with everyone working from home. Based on our experimentation, we’ve found that remote threat modeling is not only possible but can be very productive as we embrace this new world.
The key to successful remote threat modeling is to choose the correct drawing or threat modeling tool from the beginning and set up your tool and template to serve your threat modeling student best.
Enhance Your Security with Threat Modeling
Threat modeling is an essential step in the development process that ensures application security is built into the product from conception to release, and it encourages developers and testers to adopt a security-focused mindset by proactively identifying and addressing potential security vulnerabilities.
Security Journey offers Threat Modeling Lessons on our AppSec Education Platform; you can contact our team to get started today!