To best understand Threat Modelling, an enterprise should be familiar with Cyber Threat Intelligence.
While ideally, threat modelling can be driven right from the LEFT (DevSecOps), using a framework to identify threats for your application development (Dev) stage, the enterprise might not have such luxury to go into that level of maturity.
Having said that, it is better to have Threat Modelling capabilities at least on the Operations (Ops) stage, correlating Cyber Threat Intelligence (external information) of the adversary, with the internal cyber security events from SOC / SIEM.
One of the tools capable of mapping the Threat Model is Anomaly Threat Stream. A threat intelligence platform that could model any threat tailored to your specific organization.
With Anomaly Threat Stream, the analyst can build a Threat Model based on a specific adversary relevant to your organization's industry. For example, a bank would have a specific adversary of a state-sponsored attacker such as Lazarus or Cobalt Strike. By mapping all the IOCs, Tools-Technique-Procedures (TTP) along with MITRE ATT&CK Framework, an organization can have a specifically tailored cybersecurity defence that is much stronger and more impactful for its operations.
The Threat Model can then be shared amongst Trusted Circle of the organizations, making the best approach on collaborations and sharing.
Find out what your peers are saying about Recorded Future, Check Point Software Technologies, Microsoft and others in Threat Intelligence Platforms. Updated: March 2024.
What is vendor risk management? Vendor risk management (VRM) is the policy of ensuring that the relationship between service providers and IT organizations does not create an opportunity for interruptions in business productivity, profitability, and performance. The VRM process indicates that organizations should consistently monitor, manage, and assess their risk potential from outside vendors and any third-party suppliers that provide IT products, services, and solutions or that have...
To best understand Threat Modelling, an enterprise should be familiar with Cyber Threat Intelligence.
While ideally, threat modelling can be driven right from the LEFT (DevSecOps), using a framework to identify threats for your application development (Dev) stage, the enterprise might not have such luxury to go into that level of maturity.
Having said that, it is better to have Threat Modelling capabilities at least on the Operations (Ops) stage, correlating Cyber Threat Intelligence (external information) of the adversary, with the internal cyber security events from SOC / SIEM.
One of the tools capable of mapping the Threat Model is Anomaly Threat Stream. A threat intelligence platform that could model any threat tailored to your specific organization.
With Anomaly Threat Stream, the analyst can build a Threat Model based on a specific adversary relevant to your organization's industry. For example, a bank would have a specific adversary of a state-sponsored attacker such as Lazarus or Cobalt Strike. By mapping all the IOCs, Tools-Technique-Procedures (TTP) along with MITRE ATT&CK Framework, an organization can have a specifically tailored cybersecurity defence that is much stronger and more impactful for its operations.
The Threat Model can then be shared amongst Trusted Circle of the organizations, making the best approach on collaborations and sharing.