Threat modelling in a post-C.I.A world — focus on D.I.E

Mapping the Threat Modelling activity
Mapping the Threat Modelling activity with added 4 questions

Post-C.I.A

  • Distributed — Is that system distributed in a way which takes full advantage of orchestration capabilities ? do we have limits in place to how many systems can be scaled to and are there any financial or anomaly detections which re-assess operational needs periodically ? do we understand the system’s behaviour as and when it scales and upstream or downstream impact in other components ? are we reliant on single zones, regions or cloud providers and is that acceptable ? do we know how the system behaves when it happens ? are all of the architecture elements distributed or just a few ?
  • Immutable — is that change reflected declaratively ? if we re-provision our systems, are we certain all latest changes and minor updates will be applied ? are there other access methods besides CI/CD by which code could be put in production ? would we know if someone did that and has it been tested ? could code be put in production outside of our trusted registries ? how are we admitting artefacts into our production environment ? how are we sure that referenced packages are actually the vendor provided versions and do we have mechanisms which validate this ? how long does it take between developers writing code and it being in production and why isn’t that shorter ? What’s the gap or constraint ?can your teams get shell access to production and if so, why do they need it and would you detect misuse ?
  • Ephemeral — how often are we re-provisioning our systems ? do we have systems with more than 30 days uptimes, and if so why is that ? for the longer lived systems, would we know how to detect attacker persistence ? is our data engineering practices exposing confidential information ? are we mitigating this threat with the use of privacy enhancing techniques to reduce the value of the exposed data ? after a certain task is performed, why is the underlying system not terminated ?

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How Exactly Are Verifiable Credentials Making the World Better?

{UPDATE} BASTRA Try Hack Free Resources Generator

{UPDATE} Fashion Star Boutique - Design, Style, Dress Hack Free Resources Generator

What are “Vampire Attacks”?

How to add Fantom Opera Chain via Metamask

screen showing computer code

A Deep Dive Into Hardware Wallets

NEW GEM to Hold this Month:

$139M BXH Exchange Hack: How to Keep Your Cryptocurrency Safe

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mario Platt

Mario Platt

More from Medium

Elastic Cluster with X-Pack Security

Kubernetes SSL Certificate Issue: “certificate resource is not owned by this ingress.

Understanding Distributed Tracing

Allowlist Your IP Address to Security Connect to an OCI Compute Instance