ISEC 620 Lab 3: Threat Modeling
In the previous lab, you created a Kanban Board. One of the tasks you created in Module-2 should be to perform threat modeling for the blog website you have been developing for your customer. You decided to perform threat modeling after the vulnerability management team discovered a critical vulnerability on the web service.
The blog site is in the staging environment. It will be migrated to the production environment in the Azure cloud next month. The blog site will eventually serve as an information sharing and collaboration portal for authenticated users. It will use an SQL database at the backend.
As the project manager, you want to see the Data Flow Diagram (DFD) that shows the communications between various entities and to perform threat modeling with your team to explore threats and suggest countermeasures.
Please read the following articles:
A short introduction to Microsoft’s STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) threat modeling approach:
A short case:
A detailed case; learn more about the approach to threat modeling in this article:
You will use the Microsoft Threat Modeling Tool in this lab. Familiarize yourself with the tool by reviewing this page:
Access to Microsoft Threat Modeling Tool:
1) If you want to run it on your Windows machine, you can download it from https://aka.ms/threatmodelingtool and run the tool on your personal computer.
2) Alternatively, you can reserve the Windows 10 instance in the Netlab environment (https://netlab.franklin.edu). Please refer to the Netlab Reservation Instructions for access details.
Instructions & Questions
1. Double-click the Microsoft Threat Modeling 2016 icon on the desktop.
2. Click the Browse button and select the Azure Cloud Services file.
3. Click Create A Model.
4. Please refer to the “Microsoft Threat Modeling Tool 2016 Guidance” section of this document to get guidance on using the threat modeler tool.
Part 1: Create a Data Flow Diagram
There is no single solution for this lab. After carefully reading the description given in the introduction section of this lab instruction, draw a DFD that shows Data stores, Processes, Interactors, Data flows, and Trust boundaries. Take a screenshot of the DFD.
Part 2: Review Threats
1. Switch to the analysis view.
2. Review all of the threats that are automatically devised by the tool.
3. Add two more threats.
Take a screenshot of the new threats.
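To see why a DFD produces the kind of threat list you review in this part, the following added example (not part of the original lab, and not the Microsoft tool's own rule set) applies the common STRIDE-per-element chart to a small DFD and lists flows that cross a trust boundary first. The element names, trust zones, and the blog_model helper are constructed assumptions, not a model answer for Part 1.

```python
from dataclasses import dataclass

STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information Disclosure", "D": "Denial of Service",
          "E": "Elevation of Privilege"}

# Common STRIDE-per-element chart: categories that apply to each DFD element type.
APPLICABLE = {"interactor": "SR", "process": "STRIDE",
              "data_store": "TID", "data_flow": "TID"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "interactor", "process" or "data_store"
    zone: str   # trust zone the element sits in

@dataclass(frozen=True)
class Flow:
    name: str
    src: Element
    dst: Element

    def crosses_boundary(self) -> bool:
        # A flow crosses a trust boundary when its endpoints are in different zones.
        return self.src.zone != self.dst.zone

def enumerate_threats(elements, flows):
    """Return (target, category, crosses_boundary) tuples, boundary crossings first."""
    threats = [(e.name, STRIDE[c], False) for e in elements for c in APPLICABLE[e.kind]]
    threats += [(f.name, STRIDE[c], f.crosses_boundary())
                for f in flows for c in APPLICABLE["data_flow"]]
    return sorted(threats, key=lambda t: not t[2])  # stable sort keeps input order

def blog_model():
    """Constructed sample DFD for the blog site; names and zones are assumptions."""
    user = Element("Authenticated User", "interactor", "internet")
    web = Element("Blog Web App", "process", "azure")
    db = Element("SQL Database", "data_store", "azure")
    flows = [Flow("Request", user, web), Flow("Response", web, user),
             Flow("SQL Query", web, db), Flow("Query Result", db, web)]
    return [user, web, db], flows

if __name__ == "__main__":
    for target, category, crossing in enumerate_threats(*blog_model()):
        flag = "crosses trust boundary" if crossing else "inside one zone"
        print(f"{target:20} {category:24} {flag}")
```

The boundary-crossing rows at the top of the output are the natural starting point when you choose which threats to mitigate or mark for investigation in Part 3.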
Part 3: Devise Mitigations and Change Threat Properties
1. For the threats you added, change the status to Mitigated and fill out the “Possible Mitigations” section.
2. Choose one threat, change the status to “Not Applicable”. Fill out the justification section.
3. Choose another threat, change the status to “Need Investigation”. Adjust the severity level and write a justification for it.
Take the screenshots that show the result of your actions.
Part 4: Reporting
1. Click the Reports menu and “Create Full Report”.
2. Review the downloaded report.
Part 5: Project Management
1. Log into your Azure Board and create a task for the threat that needs investigation.
2. Take a screenshot of the Azure Board showing the tasks.
Submit the Full Report and screenshots.
Microsoft Threat Modeling Tool 2016 Guidance
The figure below shows how to switch to analysis view.
In the analysis view, you see some generic threats, as shown below.
Right-click on the objects you created (Sample objects: “Request”, “Response,” and Trust Boundaries). You will see the “Add User-defined Threat” option.
Once you click on “Add User-defined Threat”, the threat list will show the new threat (1).
Fill out the details of the new threat (2).