Threat Modeling Methodology: PASTA

The Process of Attack Simulation and Threat Analysis (PASTA) is a risk-centric threat modeling methodology co-founded by VerSprite CEO Tony UcedaVélez and security leader Marco M. Morana. PASTA has the added benefit of scalability, it can scale up or scale down as required which is ideal for growing businesses, while most other threat modeling frameworks can also map into it.

PASTA aims to bring together the objectives of an organization, but also its technical requirements. As such this method creates cross-team collaboration, involving both technical teams and key decision makers. This means that with PASTA both compliance and regulatory needs are met, as well as the technical scope and potential vulnerabilities.

In addition, PASTA is scalable (both up and down) as required which makes this the ideal methodology for growing businesses - indeed, most other threat modeling frameworks can map to it. Among the other benefits of PASTA is the fact it allows for a contextual approach, in which technical actions can always be tied back to business objectives. With a focus on the probability of attack, likelihood, inherent risk and impact of compromise, PASTA provides evidence-based threat modeling to support threat motives and leverage data.

Some benefits of using PASTA¹

Collaborative approach: aligns security efforts with business objectives, ensuring that security measures are tailored to protect critical assets and processes. Allowing departments to collaborate and leverage existing organizational processes.
Customizable: can be tailored to fit specific industry needs and different types of projects, making it adaptable to a wide range of contexts. It scales up or down.
Risk-centric: mitigates what matters and adopts the perspective of an attacker. Prioritizes threats based upon the potential impact on business operations and assets.
Evidence-based threat modeling: to support threat motives and leverage data
Attacker-focused: Focus on probability of attack, likelihood, inherent risk, impact of compromise. It incorporates the simulation of real-world attack scenarios, providing a more realistic assessment of potential threats.

PASTA provides a 7-step process for risk analysis:²

Define objectives
Define technical scope
Application decomposition
Threat analysis
Vulnerability and weaknesses analysis
Attack modeling
Risk and impact analysis

To understand these steps in depth, take a look at this guide by VerSprite itself: VerSprite PASTA Threat Modeling Process.

The PASTA methodology aims to align both the objectives of a business as well as its technical requirements, hence the benefits of cross-team collaboration and involvement of technical teams alongside key senior decision makers. Due to its risk-centricity and comprehensive 7-step process, PASTA encapsulates not just the technical scope and possible vulnerabilities, but necessary compliance and regulatory needs for that organization. PASTA produces an asset-centric output with a priority focused inventory and score.³

Are there any limitations to PASTA?

Complexity in execution: PASTA is a structured methodology that may require a higher level of expertise, potentially posing a challenge for less experienced teams.
Reliance on available data: the accuracy and effectiveness of PASTA relies on the availability and quality of data regarding the system and its architecture.
Scalability: while PASTA is designed to be scalable, extremely large or distributed systems may pose additional challenges in terms of conducting a thorough analysis.

Should I consider other Threat Modeling Methodologies?

To learn more about other methodologies please visit Threat Modeling Methodologies.

Information Sources:

1. Versprite, What is PASTA Threat Modeling? (2021) versprite.com/blog/what-is-pasta-threat-modeling/
2. Software Engineering Institute, Threat Modeling: 12 Available Methods (2018) https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
3. EC-Council, Cyber Threat Modeling eccouncil.org/threat-modeling

‍